Install a Jump Client on a Raspberry Pi System

To access the file system, command shell, and system info of a remote Raspberry Pi system, you can deploy a Jump Client to that system.

From the /login administrative interface, go to Jump > Jump Clients.
At the top of the Jump Client Installer List, click Add.

From the Jump Group dropdown, select whether to pin the Jump Client to your personal list of Jump Items or to a Jump Group shared by other users. Pinning to your personal list of Jump Items means that only you (and higher ranking roles on your team, such as Team Lead and Team Manager if you are a Team Member, and Team Manager if you are a Team Lead) can access this remote computer through this Jump Client. Pinning to a shared Jump Group makes this Jump Client available to all members of that Jump Group.
Select the Public Portal through which you want this Jump Client to connect. If a session policy is assigned to this public portal, that policy may affect the permissions allowed in sessions started through this Jump Client.

The Customer Present Session Policy does not apply to headless Jump Clients.
You can choose a Customer Not Present Session Policy to apply to this Jump Client. A session policy assigned to this Jump Client has the highest priority when setting session permissions.

We recommend that you not set a session policy for a headless Jump Client.

You can apply a Jump Policy to this Jump Client. Jump Policies are configured on the Jump > Jump Policies page and determine the times during which a user can access this Jump Client. If no Jump Policy is applied, this Jump Client can be accessed at any time.
Adding a Tag helps to organize your Jump Clients into categories within the representative console.
If you have one or more Jumpoints set up as proxies, you can select a Jumpoint to proxy these Jump Client connections. As a result, if these Jump Clients are installed on computers without native Internet connections, they can use the Jumpoint to communicate with your B Series Appliance. The Jump Clients must be installed on the same network as the Jumpoint selected to proxy the connections.
Add Comments, which can be helpful in searching for and identifying remote computers. Note that all Jump Clients deployed via this installer have the same comments set initially, unless you check Allow Override During Installation and use the available parameters to modify the installer for individual installations.
The installer remains usable only as long as specified by the This Installer is Valid For dropdown. Be sure to leave adequate time for installation. If someone should attempt to run the Jump Client installer after this time, installation fails, and a new Jump Client installer must be created. Additionally, if the installer is run within the allotted time but the Jump Client is unable to connect to the B Series Appliance within that time, the Jump Client uninstalls, and a new installer must be deployed. The validity time can be set for anywhere from 10 minutes to 1 year. This time does NOT affect how long the Jump Client remains active.
In addition to expiring after the period given by the This Installer is Valid For option, Jump Client mass deployment packages invalidate when their BeyondTrust Appliance B Series is upgraded. The only exception to this rule is live updates which change the license count or license expiration date. Any other updates, even if they do not change the version number of the B Series Appliance, invalidate the Jump Client installers from before the upgrade.
Once a Jump Client has been installed, it remains online and active until it is uninstalled from the local system either by a logged-in admin user with appropriate permissions, by a user from the Jump interface, or by an uninstall script. It can also be uninstalled, or extended, from the Jump Client Installer List. A user cannot remove a Jump Client unless the user is given appropriate permissions by their admin from the /login interface.
The options Attempt an Elevated Install if the Client Supports It, Prompt for Elevation Credentials If Needed, and Start Customer Client Minimized When Session Is Started do not apply to headless Jump Clients.

Once you click Create, select the Raspberry Pi OS option and click Download.

Using your preferred method, push the Jump Client installer file to each headless system you wish to access.
Once the installer file is on the remote system, install the file in a location to which you have write permission, using --install-dir <path>. You must have permission to write to this location, and the path must not already exist. Any additional parameters must also be specified at this time, as described below.
```
sh ./bomgar-scc-{uid}.bin --install-dir /home/pi/<dir>
```

You can also override certain installation parameters specific to your needs. When you mark specific installation options for override during installation, you can use the following optional parameters to modify the Jump Client installer for individual installations. Note that if a parameter is passed on the command line but not marked for override in the /login administrative interface, the installation fails. If the installation fails, view the operating system event log for installation errors.

Command Line Parameter	Value	Description
--jc-jump-group	user:<username> jumpgroup:<jumpgroup-code-name>	If override is allowed, this command line parameter overrides the Jump Group specified in the Mass Deployment Wizard.
--jc-public-site-address	<public-site-address-hostname>	If override is allowed, this command line parameter associates the Jump Client with the public portal which has the given host name as a site address. If no public portal has the given host name as a site address, then the Jump Client reverts to using the default public site.
--jc-session-policy-not-present	<session-policy-code-name>	If override is allowed, this command line parameter sets the Jump Client's session policy that controls the permission policy during a support session if the customer is not present at the console.
--jc-jump-policy	<jump-policy-code-name>	If override is allowed, this command line parameter sets the Jump Policy that controls how users are allowed to Jump to the Jump Client.
--jc-tag	<tag-name>	If override is allowed, this command line parameter sets the Jump Client's tag.
--jc-comments	<comments ... >	If override is allowed, this command line parameter sets the Jump Client's comments.

After installing the Jump Client, you must start its process. The Jump Client must be started for the first time within the time specified by This Installer Is Valid For.
```
/home/pi/<dir>/init-script start
```
This init script also accepts the stop, restart, and status arguments. You can use ./init-script status to make sure the Jump Client is running.

You must also arrange for init-script start to run at boot in order for the Jump Client to remain available whenever the system restarts. An example system.d service displays once the Jump Client is installed. Copy this information and create the new service for the Jump Client, filename.service (where filename is any name you choose), following these steps:
- cd /etc/systemd/system
- vi filename.service
- Paste copied information
- run chmod 777 filename.service
- Reload the systemctl daemon
- Enable and start the service file

Uninstall a Jump Client

To uninstall a Jump Client, remove it from the Representative Console.

If the client is not connected when it is removed from the console, the files are removed next time the client authorizes with the server.
Manual changes made for the Jump Client to start on boot are not removed.

Jump Clients can be removed from a device using a script:

/home/pi/<dir>/uninstall

This will leave an entry in the Representative Console interface. The entry is automatically marked uninstalled or deleted, depending on your Jump Client Settings. Manual changes made for the Jump Client to start on boot are not removed by the script.

For information about Jump Client settings, please see Configure Jump Client Settings