Linux device ID migration
Linux version 1.0.79 will introduce changes to how we generate internal device IDs for Linux devices. As a result, devices will show up as a new device after upgrading to 1.0.79.
Linux version 1.0.79 will be released on March 27th, 2023. It will also be available from the
twingate-latest distribution starting on March 15th.
If you currently use Trusted Profiles with Linux devices, you will need to re-verify all of your trusted Linux devices after the update.
If you use Trusted Profiles to gate access to Resources, you will need to manual verify the new devices in order to ensure your users maintain access after they update. Users whose devices are not re-verified will experience temporary loss of access.
The manual verification migration can be done manually as your users update or can be automated using the Twingate API or the Twingate CLI.
For a small number of Linux devices: manually verifying devices is the easiest way to handle the migration. If it’s instrumental for users to have access to these resources with little interruption, consider modifying Trusted Profiles to temporarily remove manual verification as a requirement.
For a large number of Linux devices: consider using a script to automate the migration. An example script is detailed below.
After all of your users have updated, the old devices can be archived from the Admin Console.
If you have a large number of Linux device you need to reverify as users upgrade to 1.0.79, we recommend using the Twingate CLI to automate this process. Using the
device trust command, the CLI can trust one or more devices by their serial number:
./tg device trust <deviceIdOrSerial> <deviceIdOrSerial2...>
Using this command, you can automate the transition. The following steps demonstrate how that can be done:
Collect a list of serial numbers using
tg exportto build an
.xlsxfile with information from your network. This file includes a table of device info, including serial numbers. Export the serial numbers of your trusted Linux devices to a text file, separated by newlines.
Write a script to trust devices based on their serial numbers, with the following example using
serial-numbers.txtas an example:
while read serial || [[ -n $serial ]]; do ./tg device trust "$serial" done <serial-numbers.txt
- Automate this script using
cronto keep it running at a regular interval, like every 15 minutes. Keep this running until users have upgraded.
Last updated 2 months ago