Linux Installation Guide
Last modified on October 9, 2024
Overview
This guide describes how to install StrongDM on your Linux machine. In a Linux environment, StrongDM consists of a command-line interface (CLI). You may be able to run some CLI commands without a complete installation. If you wish to use StrongDM in this way, check the Run Without Installation section.
Install StrongDM
Use the following steps to install StrongDM on your Linux machine. The StrongDM Desktop application is not currently available for Linux.
Open the invitation email you received for your StrongDM account.
Click the link included in the email to set your password.
Log in to StrongDM and go to the Download & Install page in the Admin UI.
Under Linux, click Download StrongDM for Linux to start the download immediately, or click Show download options to select the appropriate option for your architecture. StrongDM for Linux is available for x86-64, x86-64 (Static), and ARM64 architectures.
Optionally, check that the downloaded binary is legitimate and verify the checksum:
$ sha256sum sdmcli_40.87.0_linux_amd64.zip 3c0bd7ede828b93b3dfbd243330d4f7ee531c95940adc108bd3e53680dc81fb3 sdmcli_40.87.0_linux_amd64.zipThe checksum should match the value in the SHA256 Checksum section of the Admin UI Download & Install page.
Example of StrongDM SHA256 Checksums on the Admin UI Download & Install Page Unzip the file:
unzip sdmcli_<VERSION_NUMBER>_linux_amd64.zipFollow instructions provided by the install command, which must be executed using
sudo:sudo ./sdm installIf you have any issues, consider the following:
- The installer must be run by a user that exists in the
/etc/passwdfile. Any users remotely authenticated, such as with LDAP or an SSO service, may fail to complete the installation. - If you are installing with Fedora Linux, use the
-Eflag to preserve the user environment. This is necessary due to the way Fedora handlessudo. - If you are attempting to set up a relay, see Relays.
- The installer must be run by a user that exists in the
After executing
sdm install, you can find StrongDM in/opt/strongdmand a symlink to the binary in/usr/local/bin. Next, ensure that the sdm binary is usable from the CLI:sdm --versionGo to the CLI Reference to learn how to connect to different resources, such as datasources and servers.
Run Without Installation
Once you have downloaded and unzipped StrongDM, you can run certain commands without completing a full installation.
For instance, to run sdm audit or sdm admin commands, you can provide an admin token in the SDM_ADMIN_TOKEN environment variable. However, connecting to datasources or servers requires a running SDM daemon, so we suggest running the full installation:
The output is similar to:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 128 100 128 0 0 384 0 --:--:-- --:--:-- --:--:-- 384
100 6733k 100 6733k 0 0 2896k 0 0:00:02 0:00:02 --:--:-- 3435k
curl: Saved to filename 'sdmcli_40.87.0_linux_amd64.zip'
$ unzip sdmcli_40.87.0_linux_amd64.zip
Archive: sdmcli_40.87.0_linux_amd64.zip
inflating: sdm
$ export SDM_ADMIN_TOKEN=<token here>
$ ./sdm audit users
User ID,Email,First Name,Last Name,Role ID,StrongDM Permission,Role Name
1111,user1@organization.com,User,One,0,user,,{},[],0
2222,user2@organization.com,User,Two,,10011,admin,Engineers,{},[],0
3333,user3@organization.com,User,Three,10011,admin,Engineers,{},[],0
Recommended Reading
For detailed information on how to use the CLI, please see the CLI Reference documentation.