Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Summary of Contents for IDQ Quantis Appliance
- Page 1 Quantis Appliance User Manual Version : 2.13 Date : 06.08.202...
- Page 2 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 2 / 47 ID Quantique SA Ch. de la Marbrerie, 3bis CH-1227 Carouge/Geneva Switzerland Tel: +41 (0)22 301 83 71 Fax: +41 (0)22 301 83 79 www.idquantique.com...
- Page 3 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 3 / 47 Disclaimer THIS DOCUMENT IS PROVIDED “AS IS” WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE.
-
Page 4: Table Of Contents
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 4 / 47 Contents Introduction ............................7 System Overview........................... 7 Front panel ............................ 8 Rear panel ............................. 9 Configuration Interface ....................... 10 Random numbers interface ......................10 Getting Started ............................ - Page 5 SSL Certificates and security exceptions ..................... 23 SSL Certificates ..........................23 4.1.1 Generation of a new self-signed certificate ................ 23 4.1.2 Generation of a Quantis Appliance certificate signed by an external CA ......23 Security Exception Procedure ..................... 24 4.2.1 Chrome Procedure ......................24 4.2.2 Firefox Procedure ........................
- Page 6 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 6 / 47 6.20 system-info: system identification ....................47...
-
Page 7: Introduction
2 System Overview The Quantis Appliance serves as a hardware source of trust for cloud or distributed environments, on any operating systems via the REST API. It provides secure keys for Virtual Machines (VMs), Virtual Private Networks (VPNs), HSMs, and remote desktops. It is also used in Randomness-as-a-Service (RaaS) or... -
Page 8: Front Panel
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 8 / 47 Key features : • Quantum source of full entropy, intrinsically random • True randomness from the first bit • Provably unpredictable entropy source •... -
Page 9: Rear Panel
LAN 1 o LAN 2 o LAN M • 2 USB 3.0 double stack Type A • 1 VGA port and 1 DB-9 COM-port. For Quantis Appliance, please use only the LAN 1 and 2 ports, and the COM port. -
Page 10: Configuration Interface
3 Getting Started 3.1 Installation 3.1.1 Physical Installation In order to install the Quantis Appliance, please perform the following steps: 1) Plug the power cable in the Power supply socket. 2) Plug the Ethernet cable in the Ethernet slot LAN1. -
Page 11: Computer Configuration
| || |_| | |_| | |_| | (_| | | | | |_| | (_| | |_| | |___|____/ \__\_\\__,_|\__,_|_| |_|\__|_|\__, |\__,_|\___| qa login: 3.1.3 CLI configuration Then log in with the factory default credentials: Username: cliUser Password: cliUser qa login: cliUser Password: Last login: Fri Jul 21 16:48:18 on tty1 ======================================= ~~ Quantis Appliance CLI ~~... - Page 12 Date : 06.08.2020 Page: 12 / 47 ======================================= Welcome to Quantis Appliance CLI qa-cli> If the login success the CLI print the next command invit: qa-cli> The CLI is easy to use because it contains almost all the standards functions of a command line: •...
-
Page 13: Quick Start
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 13 / 47 To get a command specific help type: help command For instance, for the ping command type: qa-cli>help ping COMMAND ping <options...> - Ping an IP address OPTIONS --addr <IPV4>... -
Page 14: Setup Network Interface
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 14 / 47 qa-cli>date --set '2017-07-26 16:13:00' Wed Jul 26 16:13:00 CEST 2017 3.2.3 Setup Network interface The factory default configuration is: • Network interface LAN1 •... -
Page 15: Setup Hostname
Warning: although the IP addresses have been setup on the same subnet in this example, this should not be done on a production LAN. The Quantis Appliance has two ethernet ports, if both are to be used, then the first ethernet port should be on a different subnet from the second ethernet port. It is important to do this because this gives the user assurance of the route that traffic takes through the network hardware, which otherwise could be inconsistent. -
Page 16: Regenerate A New Ssl Certificate
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 16 / 47 3.2.5 Regenerate a new SSL certificate An SSL Certificate must be generated if the date or the hostname is modified. In order to regenerate a new certificate, the following command is used. - Page 17 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 17 / 47 Not After : Jul 26 14:17:45 2018 GMT Subject: C=CH, L=Geneva City, ST=Geneva, O=Id Quantique, OU=RNG, CN=10.17.17.11/emailAddress=info@idquantique.com Subject Public Key Info: Public Key Algorithm: rsaEncryption...
-
Page 18: Retrieving Random Numbers
Random bytes can be retrieved from the Quantis Appliance using HTTPS protocol. Port 80 of the HTTP protocol can be used but it is redirected to the HTTPS port (443). There are 3 main ways to get query the Quantis appliance, either by: •... -
Page 19: Json Query Using Web Browser
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 19 / 47 The Web Quantis application allows to generate: • random bytes displayed as binary or hexadecimal numbers • random numbers in different data types with optional scaling (between min inclusive, and max... -
Page 20: Json Query Using Linux Curl
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 20 / 47 Example of command for HTTPS protocols can be found below: https://IpAddress/api/2.0/int?min=1&max=50&quantity=10 3.3.3 JSON query using Linux curl In a Linux terminal, random numbers can be retrieved through a curl command. -
Page 21: Retrieving Numbers
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 21 / 47 3.3.4 Retrieving numbers Random numbers can be retrieved in different formats: • Binary: Raw binary data, typical application is security. $ curl -k 'https://IpAddress/api/2.0/streambytes?size=256' > rand.bin •... -
Page 22: Swagger Ui
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 22 / 47 3.4.2 Swagger UI A description of all the available REST commands is detailed on this page, including each argument of each command. It is also available directly from: https://IpAddress/swagger/swagger-ui.html... -
Page 23: Ssl Certificates And Security Exceptions
Page: 23 / 47 4 SSL Certificates and security exceptions 4.1 SSL Certificates HTTPS secure connection relies on an SSL certificate. The Quantis appliance is able to handle 2 kinds of certificates: • Self-signed certificate recommended for users without security expertise •... -
Page 24: Security Exception Procedure
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 24 / 47 4.2 Security Exception Procedure When using secure https connection, the browser is asking for adding security exceptions if the certificate is self-signed. Please go through the following steps to add security exceptions. -
Page 25: Firefox Procedure
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 25 / 47 Press “Proceed to 10.17.17.1 (unsafe)” and you will be forwarded to the main page. 4.2.2 Firefox Procedure Firefox will present the warning as follows:... - Page 26 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 26 / 47 Click Advanced. The following window will be opened:...
- Page 27 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 27 / 47 Press Add Exception: The following window will be opened:...
- Page 28 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 28 / 47 And finally click on Confirm Security Exception to access the Web Quantis page.
-
Page 29: Hot Standby
Two appliances and a common configuration are required. One appliance is active and the other one is idle. As soon as the active appliance is not responsive anymore the idle appliance one becomes active. The client is requesting randomness to the Quantis Appliance though a virtual IP address. Client Syslog server IP: 10.17.17.3... -
Page 30: Configuration Of The Hot Standby
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 30 / 47 syslog messages are redirected to a dedicated syslog server to order to audit the keep alive activities. 5.1 Configuration of the Hot Standby Log in the CLI of the appliance 1 and type: qa-cli>... -
Page 31: Audit
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 31 / 47 vrrp_instance VI_2 { state MASTER interface eno2 virtual_router_id 51 priority 101 advert_int 1 authentication { auth_type PASS auth_pass 1111 virtual_ipaddress { 10.17.17.20 The changes are highlighted in yellow. -
Page 32: Command Line Interface Description
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 32 / 47 6 Command Line Interface Description This section describes every command in more details. 6.1 help: Get the list of available commands NAME:... -
Page 33: Cert-New: New Ssl Certificate
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 33 / 47 To get a command specific help type: help command For instance, for the ping command type: qa-cli>help ping COMMAND ping <options...> - Ping an IP address OPTIONS --addr <IPV4>... - Page 34 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 34 / 47 Organization Unit: (RNG) [return] eMail Address: (info@idquantique.com) [return] Validity days: (365) [return] Could you please confirm: Name: 10.17.17.11 Country: CH State: Geneva...
-
Page 35: Cert-Export: Export A Ssl Certificate
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 35 / 47 eMail Address: (info@idquantique.com) [return] Validity days: (365) [return] Could you please confirm: Name: 10.17.17.11 Country: CH State: Geneva City: Geneva City Organization: Id Quantique Organization Unit: RNG Email: info@idquantique.com... -
Page 36: Cert-Import: Import An Ssl Certificate
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 36 / 47 no to export a request to sign the certificate --name the target filename of the certificate sign request. EXAMPLE qa-cli>cert-export –-self-signed yes –-name myCertificate.crt... -
Page 37: Cert-Show: Display Current Ssl Certificate Detail
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 37 / 47 6.5 cert-show: Display current SSL certificate detail NAME: cert-show DESCRIPTION: Shows the actual certificate EXAMPLE qa-cli>cert-show Certificate: Data: Version: 1 (0x0) Serial Number: 13755274384353211908 (0xbee48d2c8b673604) - Page 38 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 38 / 47 5e:7b:ce:fe:94:f2:50:34:97:46:68:5e:be:f1:57: 5c:7d:57:e1:d7:b2:bc:0d:ed:b6:6f:05:67:77:51: 65:5f:95:d8:9c:b7:29:cf:88:63:19:a5:5d:b9:2e: cf:a8:d7:f5:b6:16:78:90:b1:2f:62:a8:1f:f8:58: 41:ca:54:6d:8b:9d:9e:3a:b0:23:81:a7:20:1b:9a: 7b:50:10:66:5c:15:fe:af:1a:0d:bc:6f:ea:eb:8f: 47:e4:87:dd:6c:d6:27:f8:b9:4e:35:82:48:00:94: 7d:39:9b:a9:5d:90:a3:d8:fe:76:4a:b3:2c:af:b5: 75:1f:3d:47:aa:6f:f4:33:f3:14:97:85:84:cd:4f: 84:f4:33:22:e8:60:14:ed:51:80:1d:89:7a:15:80: 06:c3:5b:1a:b9:d0:67:7a:40:be:32:8f:a3:0f:a0: 6c:5c:6e:c2:c1:9a:59:65:98:ba:2c:b1:38:57:ec: 10:d5 Exponent: 65537 (0x10001) Signature Algorithm: sha1WithRSAEncryption 03:32:4d:dc:bd:6f:ff:af:4d:d6:83:d4:c7:d7:58:2d:b9:99: 3b:f0:67:97:10:2d:3d:0b:1c:35:bf:98:12:fe:f6:80:19:22: ea:b4:66:8e:1e:4e:74:ea:81:a4:d0:d9:97:c1:b4:7a:9a:3f:...
-
Page 39: Clear: Clear The Console
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 39 / 47 c7:cd:6c:32:85:15:cd:ec:23:9b:82:40:63:10:2c:98:2d:d9: 5c:1f:cd:19:90:c7:5b:0c:ff:1f:45:29:1d:72:0f:db:cf:8f: b6:92:fa:68 6.6 clear: Clear the console NAME: clear DESCRIPTION: Clears the console EXAMPLE qa-cli>clear 6.7 date: Change Date and Time... -
Page 40: Exit: Exit The Command Line Interface
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 40 / 47 6.8 exit: Exit the Command Line Interface NAME: exit DESCRIPTION: Exits the shell EXAMPLE qa-cli>exit 6.9 firmware-info: Firmware Information NAME: firmware-info DESCRIPTION: Shows information on the appliance EXAMPLE qa-cli>firmware-info... -
Page 41: Hostname: Set Network Hostname
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 41 / 47 qa-cli>firmware-update update Update finished 6.11 hostname: Set network hostname NAME: hostname DESCRIPTION: Get or set the hostname OPTIONS: --name Specify the new hostname EXAMPLE qa-cli>hostname... - Page 42 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 42 / 47 --interfacenum [1|2] This species the VRRP instance, i.e. network interface to configure the keep- alive functionality on. This is to allow interfaces to be configured separately.
-
Page 43: List-Usb: List Files On A Usb Memory Drive
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 43 / 47 auth_type PASS auth_pass 1111 virtual_ipaddress { 10.17.17.20 6.13 list-usb: List files on a USB memory drive NAME: list-usb DESCRIPTION: Lists the usb key contents EXAMPLE qa-cli>list-usb... -
Page 44: Nic: Configure Network Interface Card
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 44 / 47 EXAMPLE qa-cli>monitor-log --type syslog Current log address: 10.254.254.1 qa-cli>monitor-log --type syslog --addr 10.254.254.1 New log address set successfully. 6.15 nic: Configure Network Interface Card... -
Page 45: Ping: Test Lan Connection
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 45 / 47 GENERAL.DEVICE: eno2 GENERAL.TYPE: ethernet GENERAL.HWADDR: 0C:C4:7A:95:88:AD GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected) GENERAL.CONNECTION: System eno2 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/11 WIRED-PROPERTIES.CARRIER: IP4.ADDRESS[1]: 10.17.17.101/8 IP4.GATEWAY: 10.0.0.1 IP4.DNS[1]: 10.0.0.1... -
Page 46: Reboot: Reboot Appliance
Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 46 / 47 NAME: DESCRIPTION: Allows the user to change the CLI Password. EXAMPLE qa-cli>pwd Enter the new password: ******* Enter the new password once again: ******* Password correctly set 6.18 reboot: Reboot Appliance... - Page 47 Quantis Appliance User Manual Document version : 2.13 Distribution : Confidential Date : 06.08.2020 Page: 47 / 47 6.20 system-info: system identification NAME: system-info DESCRIPTION: Shows information on the appliance EXAMPLE qa-cli>system-info Manufacturer: IDQuantique Product Name: Quantis-Appliance (version: QA-v1-A0) Serial number: 1739002S020...
Need help?
Do you have a question about the Quantis Appliance and is the answer not in the manual?
Questions and answers