Hardware authentication – Guralp Systems CMG-DCM User Manual

CMG-DCM Data Communications Module

Before your DCM can start sending authenticated data, it must

•

generate a cryptographic key pair;

•

request a certificate from a trusted Certificate Authority, and be

assigned one;

•

run a data server or transmitter using a protocol designed with
provision for authenticated seismic data (

e.g. CD1.0 and 1.1);

•

using the certificate and key, begin authenticating the data using

the method specified in the protocol.

These steps can be executed remotely, but must be carried out
separately for each installation.

Hardware authentication

Where a Spyrus crypto-token is installed, the program spyrus should

be used to set it up.

1. From a computer on the local network, use a suitable program to

open a

ssh session with the AM. For example, from a Linux

computer:

ssh 10.82.0.129

where 10.82.0.129 should be replaced with the IP address of

the AM on your network.

2. Log in using the username and password you use to access the

AM's Web interface. (If you do not use a username and

password to access the AM's Web interface, you should obtain
one from your network administrator.)

3. Initialise the Spyrus card with the command

spyrus zeroize

followed by

spyrus start

You should see information messages coming from the Spyrus

card, as follows:

Initial state 8(Zeroized)

info::state: Zeroized

44

Issue F