LogoLogo
Keeper Connection Manager
Keeper Connection Manager
  • Overview
  • Security Architecture
  • Installation
    • License Key
    • System Requirements
    • Preparing for Installation
    • Auto Docker Install
      • Service Management
      • Upgrading
      • Adding Packages
    • Docker Compose Install
      • keeper/guacamole
      • keeper/guacd
      • Database images
        • keeper/guacamole-db-mysql
        • keeper/guacamole-db-postgres
      • SSL Termination
        • keeper/guacamole-ssl-nginx
        • Using a Custom SSL Cert
      • Upgrading
    • Podman Install
    • Backup & Recovery
  • Authentication Options
    • SSO Auth (SAML)
      • Microsoft Azure
      • Okta
      • Google Workspace
      • OneLogin
      • Oracle
      • PingIdentity
    • 2FA with TOTP
    • 2FA with Duo
    • SSL/TLS Client Authentication
    • Multiple Hostnames
    • PIV/CAC/Smart cards
    • Account Approve/Deny Workflow
    • OpenID Connect Auth
    • LDAP Auth
      • Using Multiple LDAP Servers
      • Storing connection data within LDAP
      • Using LDAP with a database
    • Account Restrictions
  • Connection Protocols
    • RDP
    • SSH
    • VNC
    • Telnet
    • Remote Browser Isolation
    • Kubernetes
    • MySQL
      • Importing and Exporting
      • Keyboard Shortcuts
    • PostgreSQL
      • Importing and Exporting
      • Keyboard Shortcuts
    • Microsoft SQL Server
      • Importing and Exporting
      • Keyboard Shortcuts
    • Connecting to Host Instance
    • Persistent Reverse SSH Tunnel
      • AutoSSH as a Windows Service
      • Linux - AutoSSH
      • Windows - OpenSSH
  • How to Use KCM
    • Login Screen
    • Home Screen
    • Creating Connections
      • Batch Import and API
    • How to Use KCM
    • File Transfer Config
    • Sharing Connections
    • Session Recording and Playback
    • AWS EC2 Discovery
    • Credential Pass-Through
    • Dynamic Connections
    • Custom Branding
      • Add Your Logo
  • Vault Integration
    • Connecting KCM to your Vault
    • Dynamic Tokens
    • Static Tokens
    • Multiple Vaults Integration
    • EC2 Cloud Connector
    • Advanced
    • KeeperPAM
  • Custom Extensions
  • Guest Mode
  • Advanced Configuration
    • guacamole.properties
      • SAML 2.0 Authentication Configuration Properties
      • Duo Two-Factor Authentication Configuration Properties
      • Encrypted JSON Configuration Properties
      • LDAP Configuration Properties
      • MySQL / MariaDB Configuration Properties
      • PostgreSQL Configuration Properties
      • SQL Server Configuration Properties
      • Login Attempts Properties
  • Troubleshooting
  • Importing Connections
  • Exporting Connections
  • High Availability
  • Pre-Release Testing
  • Changelog
  • Licensing and Open Source
  • Scope of Support
  • Security Advisories
  • Accessibility Conformance
Powered by GitBook

Company

  • Keeper Home
  • About Us
  • Careers
  • Security

Support

  • Help Center
  • Contact Sales
  • System Status
  • Terms of Use

Solutions

  • Enterprise Password Management
  • Business Password Management
  • Privileged Access Management
  • Public Sector

Pricing

  • Business and Enterprise
  • Personal and Family
  • Student
  • Military and Medical

© 2025 Keeper Security, Inc.

On this page
  • Overview
  • (1) Request Access
  • (2) Login to DockerHub
  • (3) Get the latest kcm-setup.run
  • (4) Install the Containers
  • Installation - New Machine
  • Installation - Existing Machine
  • Subsequent Updates

Was this helpful?

Export as PDF

Pre-Release Testing

Instructions for performing pre-release testing on Keeper Connection Manager containers

Overview

Customers who are provided with early access to KCM containers can follow the below process:

Please ensure that any pre-release testing is performed in a non-production environment

(1) Request Access

Contact the Keeper team to request access, and provide your Docker Hub username. We will add you to the Beta Testers team which has read-only access to our pre-release containers. We will also provide you privately with the latest kcm-setup.run file which loads the necessary configuration.

(2) Login to DockerHub

After accepting the invitation to Join Keeper's pre-release repositories, visit https://hub.docker.com and go to Settings > Security and click on New Access Token and create a personal access token for the machine.

Using the generated token, login to Docker from your machine:

docker login --username YOUR_USERNAME

When prompted for a password, enter the personal access token instead of a password.

(3) Get the latest kcm-setup.run

Keeper will provide you with the latest kcm-setup.run file. Copy this file to your server and update the executable status.

chmod +x kcm-setup.run

(4) Install the Containers

Follow the sections below depending on whether this is an existing or new installation.

  • Installation - New Machine

  • Installation - Existing Machine

Installation - New Machine

New Machine Setup

Type the following:

export KCM_SETUP_IMAGE_PATTERN="keepersecurityinc/%s-dev"
sudo -E ./kcm-setup.run

When prompted for a license key, provide the key from the Keeper support team.

Installation - Existing Machine

Please perform a backup of your docker-compose.yml file, snapshot the machine and back up databases before making any of these changes.

Update the docker-compose.yml file (usually located in /etc/kcm-setup/docker-compose.yml) and replace the images as noted below:

  • Add shm_size and security_opt section as seen below in the guacd images

  • Replace guacd image with keepersecurityinc/guacd-dev

  • For MySQL, replace the db image with keepersecurityinc/guacamole-db-mysql-dev

  • For PostreSQL, replace the db image with keepersecurityinc/guacamole-db-postgres-dev

  • Replace guacamole image with keepersecurityinc/guacamole-dev

  • Replace ssl image with keepersecurityinc/guacamole-ssl-nginx-dev

  • Make sure KCM_LICENSE is populated with your Keeper Connection Manager license key

Example image replacements seen below:

version: "3"
services:

    guacd:
        image: keepersecurityinc/guacd-dev
        restart: unless-stopped
        shm_size: 2007372k
        security_opt:
            - "seccomp:/etc/kcm-setup/guacd-docker-seccomp.json"

...
 
     db:
        image: keepersecurityinc/guacamole-db-mysql-dev
...

     guacamole:
        image: keepersecurityinc/guacamole-dev
        restart: unless-stopped
        ...
        environment:
            KCM_LICENSE: "XXXXXXXXXXXXXX"

...
    ssl:
        image: keepersecurityinc/guacamole-ssl-nginx-dev

After updating the docker-compose.yml file per above, update the containers using the below commands.

export KCM_SETUP_IMAGE_PATTERN="keepersecurityinc/%s-dev"

sudo docker exec kcm-guacd-1 cat /opt/keeper/share/guacd/docker-seccomp.json > guacd-docker-seccomp.json
sudo mv guacd-docker-seccomp.json /etc/kcm-setup/

sudo -E ./kcm-setup.run stop
sudo -E ./kcm-setup.run upgrade

This will pull down the preview builds and restart the service.

Subsequent Updates

As new builds are published, make sure to update using these specific commands (the -E is important because it tells the script to load the correct containers):

export KCM_SETUP_IMAGE_PATTERN="keepersecurityinc/%s-dev"
sudo -E ./kcm-setup.run stop
sudo -E ./kcm-setup.run upgrade
PreviousHigh AvailabilityNextChangelog

Last updated 12 months ago

Was this helpful?