CryptoAuditor – Getting Started in Amazon EC2
1-Click launch is the fastest way to launch a single CryptoAuditor Vault+Hound combo instance for product evaluation use. For evaluation use, you can use the default settings that are generated for the CryptoAuditor instance. To launch the instance, do the following:
- In the AWS Marketplace, find the CryptoAuditor product page, and click Continue.
- Review the instance configuration.
- Region: Make sure that you launch CryptoAuditor in the same region as the audited instances.
- EC2 Instance Type: Minimum supported type is m3.large. Note that the default 1-Click Launch configuration comes with a 30-gigabyte storage volume, which is enough only for product evaluation use.
- VPC Settings: Make sure that the VPC and Subnet are the same as for the audited instances.
- Security Group: 1-Click setup creates a new security group with all the required ports open for basic evaluation use. Using remote Hound instances requires additionally port 4777 open for the Hounds’ communications towards the Vault.
- Key Pair: You can only use an existing key pair.
- Click Launch with 1-Click.
CryptoAuditor will now start initializing. This can take several minutes. When the instance initializing is finished, you can access its web-based admin UI.
The primary interface for using and administering CryptoAuditor is its web-based admin UI. Console access through Secure Shell is meant only for troubleshooting purposes.
WARNING: Source 0.0.0.0/0 allows access from all the IP addresses. We recommend restricting the access from specific IP address ranges.
Connect using web browser (use Firefox or Chrome to view sessions as videos):
- Address: https://<cryptoauditor-public-IP>
- Username: admin
- Password: <instance-ID>
Check the instance ID from the AWS Management Console.
Secure Shell Access
Connect with any SSH client using the following parameters:
- Port: 4772
- Username: admin
- Authentication: Public-key authentication (key pair defined during the instance launch).
$ ssh -i <your-aws-key>.pem -p 4772 admin@<cryptoauditor-public-IP>
Enabling Auditing Functionality
CryptoAuditor can be set up and configured without needing to input a license. To enable the auditing functionality, a license file must be acquired from SSH Communications Security and input via the CryptoAuditor admin UI. To request an evaluation license, go to http://www.ssh.com/about/contact and fill the request form.
If you are ready to buy a license for CryptoAuditor, you can request to be contacted by one of our sales team members around the world by using the main contact form at http://www.ssh.com/about/contact.
To configure CryptoAuditor features to suit your VPC, authentication setup, rules, scaling with multiple Hound instances and more, please refer to the documentation available through the admin UI.