Iqsol Hsa User manual

HSA User Manual

HSA V050, 14. September 2018

Page 2of 50

Index

1 HSA Quick Start Guide........................................................................................................................ 6

LEDs and buttons. .................................................................................................................... 6

How to power on. .................................................................................................................... 7

How to access the HSA............................................................................................................. 7

How to completely power off (for storage or shipping). ......................................................... 7

Recommended PuTTY settings................................................................................................. 8

Manual Download.................................................................................................................... 8

2 Setup Wizard .................................................................................................................................... 10

Starting the Wizard ................................................................................................................ 10

Changing IP............................................................................................................................. 10

2.2.1 Select Interface.......................................................................................................... 11

2.2.2 Enter IP ...................................................................................................................... 11

2.2.3 Gateway .................................................................................................................... 12

2.2.4 Confirm settings and reconnect................................................................................ 12

Changing DNS......................................................................................................................... 12

Setting the correct time ......................................................................................................... 13

2.4.1 Setting timezone ....................................................................................................... 13

2.4.2 Enter date.................................................................................................................. 14

2.4.3 Enter time.................................................................................................................. 14

Changing NTP ......................................................................................................................... 15

Chaning password.................................................................................................................. 15

Setup of a new YubiHSM........................................................................................................ 15

2.7.1 Creating a wrapping key............................................................................................ 15

2.7.2 Creating the admin authentication key..................................................................... 16

Creating a PKI authentication key.......................................................................................... 18

2.8.1 Authentication key ID................................................................................................ 19

2.8.2 Authentication key label ........................................................................................... 20

2.8.3 Authentication key domain....................................................................................... 20

2.8.4 Choose a password.................................................................................................... 21

Page 3of 50

2.8.5 PKI authentication key stored on the YubiHSM........................................................ 21

Creating a new connector certificate..................................................................................... 21

Wizard completed.................................................................................................................. 23

3 The main menu................................................................................................................................. 24

4 The network menu ........................................................................................................................... 25

hostname ............................................................................................................................... 25

interface................................................................................................................................. 25

4.2.1 Edit interface ............................................................................................................. 26

DNS......................................................................................................................................... 26

addRoute................................................................................................................................ 26

listRoute ................................................................................................................................. 26

NTP......................................................................................................................................... 26

5 The yubiHSM menu .......................................................................................................................... 27

info ......................................................................................................................................... 27

setup ...................................................................................................................................... 27

authkey................................................................................................................................... 27

backup.................................................................................................................................... 27

readBackup ............................................................................................................................ 27

shell ........................................................................................................................................ 28

deviceinfo............................................................................................................................... 28

connector ............................................................................................................................... 28

5.8.1 restartCon.................................................................................................................. 28

5.8.2 rmSN.......................................................................................................................... 28

5.8.3 writeSN...................................................................................................................... 28

5.8.4 manSN ....................................................................................................................... 29

5.8.5 restartNginx............................................................................................................... 29

5.8.6 cert ............................................................................................................................ 29

5.8.7 allowIP....................................................................................................................... 29

5.8.8 listIP........................................................................................................................... 29

6 The HSA menu .................................................................................................................................. 29

Page 4of 50

users....................................................................................................................................... 30

time ........................................................................................................................................ 30

update .................................................................................................................................... 30

backup.................................................................................................................................... 30

restore.................................................................................................................................... 30

wizard..................................................................................................................................... 31

LinuxCLI .................................................................................................................................. 31

reboot..................................................................................................................................... 31

shutdown ............................................................................................................................... 31

7 The logging menu ............................................................................................................................. 31

Syslog ..................................................................................................................................... 31

7.1.1 local ........................................................................................................................... 32

7.1.2 remote....................................................................................................................... 32

7.1.3 server......................................................................................................................... 32

7.1.4 TLS ............................................................................................................................. 32

7.1.5 filter........................................................................................................................... 32

SNMP...................................................................................................................................... 34

7.2.1 enable/disable........................................................................................................... 34

7.2.2 OID............................................................................................................................. 34

7.2.3 port............................................................................................................................ 34

7.2.4 sysLocation................................................................................................................ 34

7.2.5 sysContact ................................................................................................................. 34

7.2.6 user............................................................................................................................ 34

7.2.7 listUser....................................................................................................................... 35

8 YubiHSM setup on a PKI Server........................................................................................................ 36

Installing the connector certificate........................................................................................ 36

Installing the YubiHSM Key Storage Privider. ........................................................................ 37

Add the CA Role ..................................................................................................................... 39

Configure Active Directory Certificate Services ..................................................................... 41

9 Troubleshooting ............................................................................................................................... 46

Page 5of 50

Active Directory Certificate Services...................................................................................... 46

Page 6of 50

1HSA Quick Start Guide

LEDs and buttons.

PWR

Reset

Harddrive active (green)

Power on (yellow)

Power supply connected (red)

USB LAN HDMI DC in 24 V 1120 mA

Page 7of 50

How to power on.

Plug in the power supply and the HSA will start automatically (indicated by power on LED).

If the red LED is on but the yellow LED not, you can press the PWR button to power on.

Please do not connect the HSA to your network before changing the IP address.

How to access the HSA

You can connect to the HSA box via SSH using PuTTY or another SSH client.

Or with an HDMI monitor and a USB keyboard.

Default IP/Netmask: 192.168.0.1/24

Default Gateway: 192.168.0.254

Default DNS: 192.168.0.254

Default user and password:

deviceadmin

When you log in for the first time, the Setup Wizard starts, and you can specify the most important settings.

More detailed setup information can be found in the “HSA Setup Manual”, which you can download directly

from the HSA as described in Manual Download on the next page.

How to completely power off (for storage or shipping).

The HSA is equipped with a battery.

If you want to ship the device or store it for a longer period of time, please follow these steps to completely

power off.

In the menu

Go to The HSA menu > shutdown

On the CLI

Enter: sudo shutdown now

Or press the PWR button.

After the yellow LED turns off, unplug the power supply and press the Reset button for 5 seconds.

If everything is completely powered off, the PWR button doesn't work and you should only be able to power

on the HSA by plugging in the power supply.

Page 8of 50

Recommended PuTTY settings

By default, the numeric keypad does not enter numbers in the HSA menu, but is used as the directional keys

when using PuTTY.

To change that, do the following:

Open PuTTY and click on “Terminal” > “Functions”.

Enable “Disable application key mode”.

It is also recommended to change the window and

text size for readability.

“Window” - “Columns” and “Rows”

“Window” > “Appearance”- “Font Settings”

The font “Consolas” works very well for terminals.

To save this as the default settings klick on

“Session”, in the “Saved Sessions” textfield enter

“Default Settings” and klick “Save”.

Manual Download

The Quick Start Guide is included in printed form in the HSA package.

The more detailed manual is only available as PDF.

You can download it directly from the HSA as follows. After the first login the wizard starts, select “Yes”.

Page 9of 50

The wizard asks if you want to download the HSA User Manual. Select “Yes”.

Open a web browser and enter the IP of your HSA (displayed in the “Download” window) in the address bar.

Right klick on “HSA User Manual.pdf” and select “Save target as ...”.

After downloading, make sure that you can open and read the HSA User Manual and click “OK”.

Alternatively, you can download the HSA User Manual online via FTP:

ftp://customer:FZig[email protected]/6-IQSol-Customer/HSA/

The HSA Quick Start Guide ends here.

Follow the instructions in Setup Wizard in the HSA User Manual PDF

you just downloaded to continue setting up the HSA.

Page 10 of 50

2Setup Wizard

Please read the “HSA Quick Start Guide” before starting with the Setup Wizard.

Starting the Wizard

When you log on to the HSA for the first time, the setup wizard will start and guide you through the most

important settings.

Select “Yes” to start the wizard or “No” if you already know all the important steps and want to select them

manually in the menu.

This guide assumes that you are using the wizard.

Changing IP

First you will be asked if you want to change the IP.

You can do this now and then log in to the new IP address to proceed with the wizard, or select “No” to

change the IP address at the end in the menu, after everything else has been configured.

Table of contents

Popular Server manuals by other brands

HP Tc2120 - Server - 256 MB RAM installation guide

Lenovo

Lenovo ThinkServer RD230 manual

Avocent

Avocent CPS810 Installer/user guide

Dell

Dell PowerEdge R6615 Installation and service manual

FreeWave

FreeWave HT2+ installation guide

GIGA-BYTE TECHNOLOGY

GIGA-BYTE TECHNOLOGY G492-Z50 user manual

Lanner

Lanner HTCA-E400 user manual

Bull

Bull NovaScale T840 E2 user guide

Asus

Asus RS740-E70RS24-EG Configuration guide

Meinberg

Meinberg LANTIME M300/TCR manual 

HP ProLiant SL335s G7 Maintenance and service guide

ZyXEL Communications

ZyXEL Communications VANTAGE RADIUS 50 user guide

Lantronix

Lantronix xDirect-IAP quick start guide

Fujitsu

Fujitsu PRIMEQUEST 2400E3 General description

IBM

IBM 9040-MR9 manual

IBM

IBM 306m - eServer xSeries - 8849 user guide

green hippo

green hippo Hippotizer Nevis+ quick start guide

IBM

IBM 8203-E4A Brochure & specs

iQSol HSA User manual

Popular Server manuals by other brands