# PAM Jump Server Installation The purpose of this tutorial is to show how to install Jump servers and configure PAM using Dockers, to use critical resources without knowing the password required. ### Jump Server > A jump server, jump host or jump box is a system on a network used to access and manage devices in a separate security zone. A jump server is a hardened and monitored device that spans two dissimilar security zones and provides a controlled means of access between them. (\*)
From version **1.4.36 and higher,** Soffid PAM Launcher and Store installs allowing only **TLSv1.3 protocol.**
## Prerequisites Prerequisites to install PAM using Dockers: 1\. Install docker ( [https://docs.docker.com/install/](https://docs.docker.com/install/) ) 2\. Create a Docker network(\*), that network allows you to connect containers to the same bridge network to communicate: ``` sudo docker network create -d bridge NETWORKNAME ``` *\* You can use the same network defined in the Console and Sync Server installation to avoid visibility problems.* ## Screen overview ## Installation The steps required to install PAM are: 1. Create the storage server container. 2. Create the launcher container. 3. Register storage server in Soffid console. ### Fast path to create storage server and launcher containers 1\. To create both containers, you can download the following script: **[install-pam.sh](https://bookstack.soffid.com/attachments/15)** 2\. Before installing, you have to edit the file and set the name of the new network you have created, and the latest versions of the store and launcher ```shell ......... docker create \ --network soffid \ -v soffid-pam-store:/opt/soffid/tomee/data \ -p 8081:8080 \ --name soffid-pam-store \ soffid/pam-store:1.3.0 >/dev/null ...... ``` ```shell ...... docker create \ --network soffid \ -v soffid-pam-launcher:/opt/soffid/tomee/launcher \ -v /var/run/docker.sock:/var/run/docker.sock \ -p 8082:8080 \ -e STORE_SERVER="http://$PUBLIC_IP:8081/" \ -e STORE_USER="$userid" \ -e STORE_PASSWORD="$pass" \ --name soffid-pam-launcher \ soffid/pam-launcher:1.3.0 >/dev/null ...... ``` 3\. Finally, you can execute the script ``` ~/Downloads$ bash ./install-pam.sh ``` ##### A brief description of the script 1. Creates two volumes, one for the storage and the other for the launcher. 2. Creates a storage server container: 2.1. In that container the files and videos recorded will be saved. 2.2. All the data will be saved using a key. 2.3. By default, it will use the 8081 port. 3. Starts the storage container. 4. Generates the user and password to connect the launcher. 5. Creates a launcher server container: 5.1. That container will be in charge of recording and sending the recording files to the storage. 5.2. Soffid allows you to configure some environment variables:Variable | Description |
STORE\_SERVER | Store URL |
STORE\_USER | Store user |
STORE\_PASSWORD | Store password |
JAVA\_KEYSTORE | (optional) Key store path that contains the key SSL |
KEYSTORE\_PASS | (optional) SSL key |
NETWORK\_ID | (optional) Network ID for docker services |