Documentation Index

Fetch the complete documentation index at: https://support.appgate.com/llms.txt

Use this file to discover all available pages before exploring further.

Linux

  • Updated on Jun 11, 2026
  • Published on Apr 3, 2026
  • 1 minute read
Prev Next

WARNING

This section contains advanced information for power users. Changing these settings incorrectly may break client functionality.

Confirm you are using a supported Linux distribution.

Client logs

Regular client logs are in ~/.appgate/log/, or view them with:

journalctl -t appgate-sdp

Headless client daemon logs are available with:

journalctl -u appgateservice

Driver logs

Driver logs are in /var/log/appgate/driver.log. You can also view them with:

journalctl -u appgatedriver.service

Client settings

Settings are stored in ~/.config/appgatesdp-service/.

DNS configuration

The client includes a set_dns script that modifies the network configuration when connecting to AppGate ZTNA. The script routes AppGate ZTNA DNS requests to the AppGate ZTNA DNS server while leaving all other DNS resolution unchanged. The script resets the network configuration when AppGate ZTNA disconnects.

The set_dns script requires the following:

  • dnsmasq or systemd-resolved

  • dbus

  • systemd as PID 1

If the built-in script does not support your network configuration, you can write a custom script configured in /etc/appgate.conf. For more information, run:

/opt/appgate/linux/set_dns --help

Troubleshooting

If your network configuration is left in an unexpected state, restore it by running the following commands:

/opt/appgate/linux/set_dns --reset

chattr -i /etc/resolv.conf

mv /etc/resolv.appgate /etc/resolv.conf

After you run these commands, restart your network manager.

Cleaning client settings

To clean client settings, run:

rm -rf ~/.config/appgate-ui ~/.config/appgatesdp-service ~/.local/share/appgatesdp-service

To remove stored passwords and certificates, run seahorse from a terminal and delete all entries that contain "AppGate."

Verifying package files

Linux installer packages are signed with GPG using the AppGate public key. Verify the validity of the package with the relevant tools for each distribution. The AppGate public GPG key is included in the checksum archive.

The AppGate public GPG key can also be found in the keyring installed along with the client by entering keyring /opt/appgate/appgate.gpg.

The fingerprint of the GPG key is F36B 319B CE07 48F7 7930  52E6 F600 207F 0680 FA29

Fedora

For verification on Fedora, the package rpm is needed. It is by installed on all rpm-based distributions by default.

Make sure the AppGate public key has been installed:

sudo rpmkeys --import appgate.pub

If using the keyring installed with the client, the key needs to be exported first:

gpg --keyring /opt/appgate/appgate.gpg --export --armor > appgate.pub

Verify the package:

rpmkeys --checksig PACKAGENAME

Ubuntu

For verification on Ubuntu systems, the dpkg-sig package is required:

sudo apt install dpkg-sig

Make sure the AppGate public GPG key has been installed:

gpg --import appgate.pub

Or if using the keyring installed with the client:

gpg --import /opt/appgate/appgate.gpg

Verify the package:

dpkg-sig --verify PACKAGENAME

Related articles
  • Linux clients
    Admin Guide > Admin Guide v6.7 > General administration > Client deployment and management > Linux clients
  • Linux
    Client Guide > User Guide v6.6 > Advanced
  • Linux
    Client Guide > User Guide v6.5 > Advanced