Skip to content

Linux Agent Installation

No reboot is required for installation on Linux endpoints

Option 1: Deploy Agent with a Configuration File#

Version 21.5+ of the Linux Agent supports an easier deployment. Rather than run the commands to install, associate, activate, and then set a proxy (if applicable), you can set one configuration file to use these variables.

1. Create a configuration file with the installation parameters, each on a separate line.

Most installs will only need the following parameters in the config file:

bash
S1_AGENT_MANAGEMENT_TOKEN=eyJ1cmwiOiAiaHR0cHM6Ly91c2VhMS1zdXBwb3J0My5zZW5
S1_AGENT_AUTO_START=true

Example config file with optional parameters:

bash
S1_AGENT_MANAGEMENT_PROXY=http://10.10.10.10:1111
S1_AGENT_DV_PROXY=http://192.0.2.0:1111
S1_AGENT_MANAGEMENT_TOKEN=eyJ1cmwiOiAiaHR0cHM6Ly91c2VhMS1zdXBwb3J0My5zZW5
S1_AGENT_AUTO_START=true
S1_AGENT_CUSTOMER_ID="Custom value here"
S1_AGENT_CREATE_USER=false
S1_AGENT_CUSTOM_INSTALL_PATH=/custom/install/path/
S1_AGENT_DEVICE_TYPE=server

There is a known limitation for Site Tokens (S1_AGENT_MANAGEMENT_TOKEN) that it cannot end in a equals sign ( = ) in the configuration file. Remove this character from the end of the token.

2. Save the file and copy it to the Linux endpoint.

3. Export one environment variable that defines the absolute path to the configuration file.

Example:

bash
export S1_AGENT_INSTALL_CONFIG_PATH="/tmp/config.cfg"

4. Copy the agent package to the endpoint and install the package with the package manager.

  • RPM: rpm -i --nodigestpackage_pathname
  • DEB: dpkg -i package_pathname

Important Notes for RPM:#

RPM installation requires the --nodigest switch. If you run the RPM command without the --nodigest switch, an error shows: Package SentinelAgent_linux_version ``does not verify: no digest.

Example of the Linux Agent Configuration File usage:

bash
[root@localhost ~]# rpm -i --nodigest /home/user/SentinelAgent_Linux_21_5_3_2_x86_64-release-v21.5.3.rpm
Setting registration token...
Registration token successfully set
Setting management device type...
Device type successfully set
Setting customer ID...
Customer ID successfully set
Starting agent...
Agent is running

If this process is not successful, try option 2.

Option 2: Install Agent, Manually Associate Agent with Site, Activate Agent#

  1. Copy the agent package to the endpoint and install the package with the package manager.

    • RPM: rpm -i --nodigestpackage_pathname
    • DEB: dpkg -i package_pathname

    Important Notes for RPM:

    • RPM installation requires the --nodigest switch. If you run the RPM command without the --nodigest switch, an error shows: Package SentinelAgent_linux_version ``does not verify: no digest.
    • If you use yum install on RHEL 8.2, the signed RPM installer is required.

2. Copy the site token and run the following command:

bash
sudo /opt/sentinelone/bin/sentinelctl management token set site_token

Expect this command to complete in seconds.

Expected output:

bash
Setting registration token...
Registration token successfully set

3. Activate the Agent

bash
sudo /opt/sentinelone/bin/sentinelctl control start

Expect this command to complete in seconds. It will show:

bash
Starting agent...
Agent is running

Uninstall Agent#

Because most agents have Tamper Protection enabled, the easiest method to remove the SentinelOne agent from a device is to have SolCyber send an uninstall command from the SentinelOne console. Please open a ticket (soc@SolCyber.com) to request this.

If the device is offline or you prefer to uninstall the agent yourself, you will need to request the unique passphrase for the device from the SOC, which will enable you to remove the agent locally using the command line.