Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Linux agent not able to connect to kernel

App Control: Linux agent not able to connect to kernel

Environment

  • App Control Agent: All Supported Versions
  • Linux: All Supported Versions

Symptoms

  • Agent is unable to connect to kernel.
  • Issuing the command /opt/bit9/bin/b9cli --status returns:
    Kernel: Not Connected
  • Issuing the command systemctl status b9daemon returns a similar error:
    Nov 09 13:06:11 b9daemon[1885]: modprobe: ERROR: could not insert 'cbproxy_cbp_852_20201002': Required key not available
    Nov 09 13:06:11 b9daemon[1885]: insmod /lib/modules/3.10.0-1160.2.1.el7.x86_64/kernel/lib/cbproxy_cbp_852_20201002.ko
    Nov 09 13:06:11 b9daemon[1885]: modprobe: ERROR: could not insert 'b9k_852177': Required key not available
    Nov 09 13:06:11 b9daemon[1885]: insmod /lib/modules/3.10.0-1160.2.1.el7.x86_64/kernel/lib/cbproxy_cbp_852_20201002.ko
    

Cause

Secure Boot is enabled on the endpoint and the Linux Agent does not currently (officially) support Secure Boot.

Resolution

Option 1: Disable UEFI Secure Boot:
  1. Reboot the computer > Enter into the UEFI firmware / BIOS configuration.
  2. Find the Secure Boot option (possibly under the security menu) and set it to disabled.
  3. Save the change and reboot.
Option 2: A best effort guide to sign the Agent is available here.

Related Content


Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-18-2020
Views:
2553
Contributors