Your browser does not allow storing cookies. We recommend enabling them.

CryptoAuditor – Getting Started in Amazon EC2

1-Click Launch

1-Click launch is the fastest way to launch a single CryptoAuditor Vault+Hound combo instance for product evaluation use. For evaluation use, you can use the default settings that are generated for the CryptoAuditor instance. To launch the instance, do the following:

  1. In the AWS Marketplace, find the CryptoAuditor product page, and click Continue.
  2. Review the instance configuration.
    • Region: Make sure that you launch CryptoAuditor in the same region as the audited instances.
    • EC2 Instance Type: Minimum supported type is m3.large. Note that the default 1-Click Launch configuration comes with a 30-gigabyte storage volume, which is enough only for product evaluation use.
    • VPC Settings: Make sure that the VPC and Subnet are the same as for the audited instances.
    • Security Group: 1-Click setup creates a new security group with all the required ports open for basic evaluation use. Using remote Hound instances requires additionally port 4777 open for the Hounds’ communications towards the Vault.
    • Key Pair: You can only use an existing key pair.
  3. Click Launch with 1-Click.

CryptoAuditor will now start initializing. This can take several minutes. When the instance initializing is finished, you can access its web-based admin UI.

Accessing CryptoAuditor

The primary interface for using and administering CryptoAuditor is its web-based admin UI. Console access through Secure Shell is meant only for troubleshooting purposes.

WARNING: Source allows access from all the IP addresses. We recommend restricting the access from specific IP address ranges.

Web Access

Connect using web browser (use Firefox or Chrome to view sessions as videos):

  • Address: https://<cryptoauditor-public-IP>
  • Username: admin
  • Password: <instance-ID>

Check the instance ID from the AWS Management Console.

Secure Shell Access

Connect with any SSH client using the following parameters:

  • Port: 4772
  • Username: admin
  • Authentication: Public-key authentication (key pair defined during the instance launch).


$ ssh -i <your-aws-key>.pem -p 4772 admin@<cryptoauditor-public-IP>

Enabling Auditing Functionality

CryptoAuditor can be set up and configured without needing to input a license. To enable the auditing functionality, a license file must be acquired from SSH Communications Security and input via the CryptoAuditor admin UI. To request an evaluation license, go to and fill the request form.

If you are ready to buy a license for CryptoAuditor, you can request to be contacted by one of our sales team members around the world by using the main contact form at

Advanced Setup

To configure CryptoAuditor features to suit your VPC, authentication setup, rules, scaling with multiple Hound instances and more, please refer to the documentation available through the admin UI.


What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now