Skip to main content

Setting Up Key Manager

This chapter covers the instructions for setting up Key Manager for evaluation purposes, with all the necessary Key-Manager components on one machine.

Before performing setup, ensure that you have the following:

  • A machine for running Key Manager:
Table 2.1. Minimum Evaluation Requirements
ItemMinimum Evaluation Requirements
Operating SystemRocky Linux 8.4 or newer (64-bit), 9.x versions (64-bit)
RHEL 8.x versions (64-bit), 9.x versions (64-bit)
CPU4 or more cores
Memory8 G
Disk Space30 GB
InternetStandard-repository access
  • The Key Manager installation package, named similarly to sshmgr-7.0.0-*.x86_64.tar
  • A Key Manager license, for enabling evaluation actions.

To set up Key Manager for evaluation purposes:

  1. Copy the Key Manager installation package, and the Key Manager license to your machine.
  2. Extract the Key Manager installation package with: 
    # tar xvf sshmgr-7.0.0-*.x86_64.tar
  3. Go to the root of the extracted installation package, then run the quick-install script similar to the 
    # cd sshmgr-7.0.0-*
    # support/quickInstall.sh --mode install \
    --fqdn keymanager.example.com  --accept-eula \
    --license path/to/license.dat .

In the example command, replace the following values:

keymanager.example.com - The FQDN or IP address of the machine.

path/to/license.dat - Path to the Key Manager license file.

note

If you want to read the Key Manager EULA before installation, remove --accept-eula from the command.

The EULA is also available after installation, at /opt/sshmgr/docs/eula.txt

Allow several minutes for the quick-install command to finish. Once the command finishes, you should see your Key Manager evaluation configurations, similar to the following:

########################################
UKM installed with the following config:
# Required parameters
# Mode should be given separately for each command invocation
# MODE=install
FQDN="keymanager.example.com"
LICENSE_FILE="../evaluation-license.dat"
ADMIN_PASS="cSPDF67hxPvb12#!"
ENCRYPTION_PASS="Y0cHKOGg73srWlO0cT"
DB_TYPE="PostgreSQL"
DB_HOST="localhost"
DB_NAME="keymanagerdb"
DB_USER="keymanager"
DB_USER_PASS="cSPDF67hxPvb12#!"
DB_PORT="5432"
DB_BACKUP="keymanagerdb-20210324-141738"
# this should ideally by forced at the command line instead of here
FORCE_INSTALL=FALSE
WGET_OPTS="--no-check-certificate"
CURL_OPTS="--insecure"
########################################

This output is saved to the home directory of the user executing the script (typically at /root/ quickInstall.log).

The script creates the following accounts, that can be used for testing during the evaluation:

  • admin
  • apiuser
  • auditor
  • deployer
  • hostadmin
  • keyoperator
  • sshmgr
  • superuser
  • system
  • user_portal_max
  • user_portal_min

The password for these accounts is output by the quick-install script as the ADMIN_PASS.

Your Key Manager evaluation deployment is now set up. To log into the Key Manager GUI, navigate to the FQDN address, with the user name admin and the password from ADMIN_PASS. For further evaluation topics, see Getting Started with User Portal.