sysadminPA 1 Posted September 21, 2021 Share Posted September 21, 2021 Hello, We are using in our organization still EEA 4 on our Ubuntu 20.04 devices, and we are looking to migrate to EEA 8, especially since we have started to encounter some errors where EEA 4 does not seem to be able to connect to the Agent that is running on the machine, and I am getting this message in our ESET Management server "Product is not connected. No connection attempt occurred." I have been testing EEA 8 on Ubuntu 20.04 for a while and I cannot really say I am very satisfied, especially regarding the Secure Boot issues. Our devices have Secure Boot enabled, and we want to keep it that way. The workflow offered by the guide for EEA 8 to deal with Secure Boot is not that comfortable to deploy on multiple machines, and more so the management of said machines can be quite cumbersome, as for any Linux kernel update, if one forgets to run the script to sign the headers, their computer might not boot next power cycle. Is there a way to actually make this more streamlined like EEA 4 used to work, where I did not need to actually set the keys manually in UEFI for Secure Boot to work seamlessly? Thanks in advance! Link to comment Share on other sites More sharing options...
Administrators Marcos 5,288 Posted September 21, 2021 Administrators Share Posted September 21, 2021 Please refer to https://help.eset.com/eeau/8/en-US/secure-boot.html : Managing several devices Suppose you manage several machines that use the same Linux kernel and have the same public key enrolled in UEFI. In that case, you can sign the EEAU kernel module on one of those machines containing the private key and then transfer the signed kernel module to the other machines. When the signing is complete: 1.Copy/paste the signed kernel module from /lib/modules/<kernel-version>/eset/eea/eset_rtp to the same path on the target machines. 2.Call depmod <kernel-version> on the target machines. 3.Restart ESET Endpoint Antivirus for Linux on the target machine to update the modules table. Execute the following command as a privileged user: systemctl restart eea In all cases, replace <kernel-version> with the corresponding kernel version. Link to comment Share on other sites More sharing options...
Recommended Posts