CMG-DCM / AM - Güralp Systems Limited

More documents

Recommendations

Info

CMG-DCM Data Communications Module you can create text files on the local computer and transfer them to the AM module using scp or a similar secure transfer program.) 6. Change into the CD1.1 transmitter's configuration directory using cd /etc/libcd11 The following steps create a key pair and certificate request within the token, which need to be placed in this directory for the CD1.1 transmitter to be able to sign outgoing data. 7. Issue the command spyrus newreq -s filename -i 1 -r slot01.req -p slot01.pub -x where filename is the name of the file you created in step 5. This will generate a certificate request in the file slot01.req and a public key in the file slot01.pub. The private key is kept within the token itself, and cannot be extracted from it. Any attempt to compromise the token will cause it to shut down and become unusable. 8. The file slot01.req is a certificate request for the key pair generated. You should send this file by e-mail to the Certification Authority, so that they can generate a valid certificate from it. 9. When you receive the certificate, install it in the /etc/libcd11 directory as slot01.crt. Also create the key ID file slot01.kid. (The key ID file is simply a text file containing the key ID as a single decimal number. You can use any key ID number as long as it is unique for each key. It is used in the key bucket file, described below.) 10.Now load the certificate into the token using the command spyrus loadcert -c slot01.crt The token will check that the certificate matches its own key pair, and should respond with info::No index specified searching for matching key info::Key in slot 1 matches certificate 46 Issue F
Operator's guide If it reports that the key does not match the certificate, you may have attempted to load a certificate valid for the wrong token. Check the certificates you have received, and try again. Otherwise, you may have to generate a new certificate request and re-send to the Certification Authority. If you issue spyrus loadcert without specifying a slot number, as above, any running CD1.1 transmitters will be interrupted, and you will need to restart them. 11.The token is now ready to start signing outgoing CD1.1 subframes. However, you will need to configure the format of these subframes by editing the /etc/cd11sf.cfg configuration file. You can do this either directly, or using the Web configuration interface (see Chapter 6, page 80.) 12.Any further key changes can be handled automatically over AutoDRM. However, occasionally you may want to supersede an existing key, or create a new key for a separate stream. Keys are handled by a system of key buckets. Each key bucket consists of a list of keys and activation times. Once the activation time for a new key passes, the previous key is superseded, and subsequent subframes are signed by the new key. You can have a different key bucket active for each stream, or even several key buckets for the same stream. Key buckets are stored in the files 0.bkt, 1.bkt, etc., within the /etc/keybuckets directory. Each line in a key bucket file has the format key-id:days-since-epoch:seconds-since-day-start where days-since-epoch is the number of days elapsed since November 17, 1989. The CD1.1 transmitter scans this file in order, and stops when it finds a key with an activation time in the past (relative to the time-stamp of the data being transmitted.) Thus, to supersede an existing key, you must place the new entry before the old one in the file, so that the CD1.1 transmitter will not continue signing subframes with the old key. To make the CD1.1 transmitter sign all subframes with a new key, even when backfilling, you should add the line key-id:0:0 December 2006 47
Page 1 and 2: CMG-DCM / AM Data Communications Mo
Page 3 and 4: Operator's guide 5.7 SEED name mapp
Page 5 and 6: 1 Introduction Operator's guide The
Page 7 and 8: Operator's guide This form of DCM u
Page 9 and 10: Operator's guide • Both mgetty an
Page 11 and 12: Operator's guide 2 Installing the C
Page 13 and 14: Operator's guide Windows, can be us
Page 15 and 16: Operator's guide connect it directl
Page 17 and 18: Operator's guide 6. If you are conn
Page 19 and 20: Operator's guide ports are connecte
Page 21 and 22: • the current Linux network and D
Page 23 and 24: Operator's guide When you are done,
Page 25 and 26: Operator's guide 2. Connect the DAT
Page 27 and 28: This process may take several minut
Page 29 and 30: Operator's guide With a sufficientl
Page 31 and 32: Operator's guide the inputs from an
Page 33 and 34: interface by typing its IP address
Page 35 and 36: Operator's guide The DCM allows you
Page 37 and 38: DCM, separated by a colon : (e.g. 1
Page 39 and 40: Operator's guide gcf_out service on
Page 41 and 42: Operator's guide viewer window. If
Page 43 and 44: Operator's guide The DCM receives s
Page 45: Operator's guide info::logging into
Page 49 and 50: Operator's guide are used by openss
Page 51 and 52: 4 Tools 4.1 Summary Operator's guid
Page 53 and 54: Operator's guide 3 open (never) Wed
Page 55 and 56: Operator's guide process and run a
Page 57 and 58: Operator's guide • a zeroing butt
Page 59 and 60: 4.5 Disk files Operator's guide Fin
Page 61 and 62: Operator's guide By default, the mo
Page 63 and 64: Operator's guide Each entry include
Page 65 and 66: Operator's guide yes if you want to
Page 67 and 68: Operator's guide The following conf
Page 69 and 70: Operator's guide dssserver fulfils
Page 71 and 72: Operator's guide datatransfer.cd1.s
Page 73 and 74: Operator's guide default: to make t
Page 75 and 76: Operator's guide /etc/libcd11/slotx
Page 77 and 78: Operator's guide • Enter values i
Page 79 and 80: Operator's guide 5.9 HTTP server In
Page 81 and 82: 6.1 General Operator's guide severa
Page 83 and 84: Operator's guide Configure : This c
Page 85 and 86: Operator's guide normally operate a
Page 87 and 88: Operator's guide If you want to che
Page 89 and 90: Operator's guide system log onto th
Page 91 and 92: Operator's guide Files are given na
Page 93 and 94: Operator's guide • a SEED locatio
Page 95 and 96: Operator's guide has no effect. If
Page 97 and 98:
Operator's guide net.dns.search : I
Page 99 and 100:
Operator's guide the net.mail.out.t
Page 101 and 102:
Operator's guide • the content of
Page 103 and 104:
Operator's guide 6.13 Administrator
Page 105 and 106:
7 Configuring digitizers Operator's
Page 107 and 108:
Operator's guide GPS Power Cycle :
Page 109 and 110:
Operator's guide 7.3 Trigger criter
Page 111 and 112:
Operator's guide Usually, the value
Page 113 and 114:
Operator's guide 7.5 Sensor mass co
Page 115 and 116:
Operator's guide Once the data is s
Page 117 and 118:
Operator's guide moving files when
Page 119 and 120:
Operator's guide certain options ar
Page 121 and 122:
Operator's guide will ask you if yo
Page 123 and 124:
Operator's guide centred; • which
Page 125 and 126:
Operator's guide The firmware Reins
Page 127 and 128:
Operator's guide 9 Connector pinout
Page 129 and 130:
Operator's guide 9.2 Integrated DCM
Page 131 and 132:
Operator's guide 10.2 Digitizer typ
show all

CMG-DCM / AM - Güralp Systems Limited

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?