Installation Overview

Before installing SKIP, be sure that you have the CD-ROM for the base software and any encryption upgrade CD-ROMs or diskettes to which you are entitled.

If you are an experienced SKIP user who just wants a quick installation overview, see Appendix A, Quick-Start Guide.

New Users

For the new user, this chapter tells about:

• Installing SunScreen SKIP ("Installing the New Version").

• Generating and installing an Unsigned Diffie-Hellman (UDH) key pair, if you are using UDH ("Installing SKIP Unsigned Diffie-Hellman (UDH) Certificates").

• Installing SunScreen SKIP on your network interface ("Installing Your Network Interface").

• Rebooting your system ("Rebooting Your System").

• Protecting your locally stored secrets with a passphrase ("Activating Your Passphrase").

Upgrade Users

For the user who is upgrading from any version of SunScreen SKIP for the Solaris operating environment to this release, this chapter covers these additional topics (as well as the previously mentioned installation topics).

• Upgrading to SunScreen SKIP ("Upgrading From Earlier SKIP Versions").

• Removing any old version of SKIP for the Solaris operating environment

• Preserving or removing previous configurations

Cryptography Upgrade Users

This chapter also contains information on how to add cryptography upgrade packages for those users who for example want to upgrade from a SKIP 512- bit version to a SKIP 2048- bit or 4096- bit versions.

Installing SKIP for the First Time

This section provides instructions for installing SKIP on the SPARC and Intel platforms running the Solaris 2.6, Solaris 7, or Solaris 8 operating environments.

To install and run the software, you must be able to become root on your local system and know the IP address of the machine on which SKIP is to be installed. Ask your systems administrator for the IP address of your machine. To install the software for the first time (or if you are installing it without saving the configurations), follow these steps:

1. Open a terminal window and become root.

2. Mount the CD-ROM through the file manager by typing:

   # volcheck

   ---

   Note -

   If you are not using vold on your system, type

   # mount -F hsfs -oro /dev/dsk/c0t6d0s0 /mnt

   The device name or the mount point or both depends on your local system configuration.

   ---

3. Go to the directory on the CD-ROM for your OS. (The examples assume a machine with only one CD-ROM.)

   Solaris operating environment for the SPARC Platform:

   # cd /cdrom/cdrom0/sparc

   Solaris operating environments for the Intel Platform:

   # cd /cdrom/cdrom0/x86

   ---

   Note -

   If you have mounted the CD-ROM manually, replace /cdrom/cdrom0 with /mnt.

   ---

4. Type the standard Solaris operating environment pkgadd command to add all packages:

   # pkgadd -d .

   You are prompted with the following menu of packages.

   1 SUNW3des SKIP 3DES Crypto Module (sparc) 1.5.1 2 SUNW3desx SKIP 3DES Crypto Module (64-bit (sparc) 1.5.1 3 SUNWbdc SKIP Bulk Data Crypt (sparc) 1.5.1 4 SUNWbdcx SKIP Bulk Data Crypt (64-bit) (sparc) 1.5.1 5 SUNWdes SKIP DES Crypto Module (sparc) 1.5.1 6 SUNWdesx SKIP DES Crypto Module (64-bit) (sparc) 1.5.1 7 SUNWes SKIP End System (sparc) 1.5.1 8 SUNWesx SKIP End System (64-bit (sparc) 1.5.1 9 SUNWkdsup SKIP D-Support module (sparc) 1.5.1 10 SUNWkeymg SKIP Key Manager Tools (sparc) 1.5.1 ... 8 more menu choices to follow; <RETURN> for more choices, <CTRL-D> to stop display: 11 SUNWrc2 SKIP RC2 Crypto Module (sparc) 1.5.1 12 SUNWrc4 SKIP RC4 Crypto Module (sparc) 1.5.1 13 SUNWrc4s SKIP RC4-128 Crypto Module (sparc) 1.5.1 14 SUNWrc4sx SKIP RC4-128 Crypto Module (64-bit) (sparc) 1.5.1 15 SUNWrc4x SKIP RC4 Crypto Module (64-bit) (sparc) 1.5.1 16 SUNWsafe SKIP SAFER Crypto Module (sparc) 1.5.1 17 SUNWsafex SKIP SAFER Crypto Module (64-bit (sparc) 1.5.1 18 SUNWsman SKIP Man Pages (sparc) 1.5.1 Select package(s) you wish to process (or "all" to process all packages). (default: all) [?,??,q]:

5. Select a (all). As the prompts appear, answer questions with y (yes) to add the package.

6. When you get back to the same menu of packages, type q to quit.

7. To eject the CD-ROM from the CD-ROM drive, type:

   # cd / # eject cdrom0

   or eject the CD-ROM from the CD-ROM drive through the file manager.

   ---

   Note -

   If you are not using vold on your system, unmount your CD-ROM by typing:

   # cd / # umount/mnt # eject cdrom0

   ---

8. To add /usr/sbin to your PATH variable in the Bourne shell, type:

   PATH=/usr/sbin:$PATH export PATH

9. To add /usr/share/man to your MANPATH variable in the Bourne shell, type:

   MANPATH=/usr/share/man:$MANPATH export MANPATH

10. It is helpful to add /usr/sbin to the PATH variable in your initialization file (such as .profile, .cshrc, or .login file), and /usr/share/man to the MANPATH variable in the same file.

Now you are ready to complete the installation. The remaining steps include:

• Generating and installing SKIP Unsigned Diffie-Hellman (UDH) certificates ("Installing SKIP Unsigned Diffie-Hellman (UDH) Certificates") or installing SunCA certificates (Chapter 2, Installing Keys and Certificates). You can use SKIP Unsigned Diffie-Hellman certificates and SunCA keys and certificates at the same time with SunScreen SKIP.

• Installing SunScreen SKIP on your network interface ("Installing Your Network Interface").

• Rebooting your system ("Rebooting Your System").