Privileged Session Manager for SSH installation file

The installation input file for Privileged Session Manager for SSH is called psmpparms. It specifies the parameters that determine how and wherePrivileged Session Manager for SSH is installed. This file is included in the installation package as psmpparms.sample, and must be moved to the /var/tmp directory and renamed to psmpparms before starting installation.

The following table lists the parameters in the psmpparms file.

CredFilePath
Description The full pathname of the credentials file that will authenticate the user who will create the Provider environment in the Vault.
Acceptable Values Pathname
Default Value -
VaultFilePath
Description The full pathname of the Vault.ini file.
Acceptable Values Pathname
Default Value -
AcceptCyberArkEULA
Description Whether or not the user installing Privileged Session Manager for SSH accepts all the terms of the Privileged Session Manager for SSH end user license agreement. Privileged Session Manager for SSH  can only be installed after the user accepts all the terms of the license agreement.
Acceptable Values Yes/No
Default Value -
PSMPAppUser
Description The name of the Privileged Session Manager for SSH application user.
Acceptable Values Username
Default Value PSMPApp_<hostname>
PSMPGWUser
Description The name of the Privileged Session Manager for SSH gateway user.
Acceptable Values Gateway username
Default Value PSMPGW_<hostname>
PSMPConfigurationSafe
Description

The name of the Safe where the xml configuration files are stored. By default, this parameter specifies the default PVWA configuration Safe.

 

This Safe name may contain up to 28 characters

Acceptable Values Safename
Default Value PVWAConfig
PSMPConfigurationFolder
Description

The folder in the configuration Safe where the xml configuration files are stored. By default, this parameter specifies the folder where the default PVWA configuration file is stored.

 

This folder name may not contain any of the following characters: \/:*?"<>|'

Acceptable Values Foldername
Default Value \Root
PSMPPVConfigurationFileName
Description

The name of the xml configuration file. By default, this parameter specifies the default Privileged Session Manager for SSH configuration file.

 

This folder name may not contain any of the following characters: \/:*?"<>|'

Acceptable Values Filename
Default Value PVConfiguration.xml
PSMPPoliciesConfigurationFileName
Description

The name of the xml policies configuration file. By default, this parameter specifies the default policies configuration file.

 

This folder name may not contain any of the following characters: \/:*?"<>|'

Acceptable Values Filename
Default Value

Policies.xml

CreateVaultEnvironment

Description

Whether or not the installation creates the Privileged Session Manager for SSH environment in the Vault automatically. By default, this parameter is set to Yes.

For standard installation leave the default.

For installation in stages specify No.

Acceptable Values Yes/No
Default Value

Yes

PSMPClientApp

Description

The client application to set or update the PSMP-SSH Connection component.

Acceptable Values OpenSSH, Plink
Default Value

OpenSSH

PSMPUpdateClientApp

Description

Whether to update the client app of the PSMP-SSH Connection Component if the connection component exists.

Acceptable Values Yes/No
Default Value

Yes

UpdateCredFile

Description

Whether to recreate the credential file of the PSM for SSH users when there is a repair or upgrade and the PSM for SSH envmanager utility runs.

Acceptable Values
  • Yes - Always recreate the credential file.

  • No - Never recreate the credential file.

  • Inferred - The PSM for SSH envmanager utility updates the credential file if one of these conditions is met:

    • A newer, more secure, cred file version exists

    • The existing cred file on the filesystem does not meet the security policy of the new PSM for SSH version

    PSM for SSH app users must match between the installation and credential file.

Default Value

Inferred

ADBridgeUpdateCredFile

Description

Whether to recreate the credential file of the PSM for SSH ADBridge users when there is a repair or upgrade and the PSM for SSH envmanager utility runs.

Acceptable Values
  • Yes - Always recreate the credential file.

  • No - Never recreate the credential file.

  • Inferred - The PSM for SSH envmanager utility updates the credential file if one of these conditions is met:

    • A newer, more secure, cred file version exists

    • The existing cred file on the filesystem does not meet the security policy of the new PSM for SSH version

    PSM for SSH app users must match between the installation and credential file.

Default Value

Inferred