Attachment 'crit_sys_adm_report.txt'
Download 1 Visit date & time:
2 12.03.2016, 13:40 - 16:10 CEST
3
4 Persons:
5 Bas van den Dikkenberg (secure-u)
6 Mendel Mobach (CAcert)
7 Martin Simons (CAcert)
8 Benedikt Heintel (CAcert internal auditor)
9
10 Actions performed during this site visit:
11
12 In the BIT workplace we received a machine from secure-u where we disconnected the harddrive, connected keyboard and mouse and monitor.
13
14 For boot we used a Ubuntu DVD provided by Wytze van der Raay (cacert).
15 Everyone received a print of implementation.txt also provided by Wytze.
16
17 1 USB Stick containing .deb files and execute.sh
18 1 USB stick provided by Bas van den Dikkenberg that we formatted
19
20 In short, for the exact commands please see implementation.txt.
21 * Booted the DVD
22 * We checked the checksum of the Ubuntu DVD
23 * Formatted the USB Stick from Secure-U
24 * Turned the PC off and started it again.
25 * Copied the software
26 * Installed the software with execute.sh
27 * Killed the ubuntu process that held software install back
28 * Installed the software with execute.sh
29 * Took note of the checksum (all of the people on site)
30 * Copied the script output logs to the usb stick.
31 * Noticed the USB stick was broken.
32 * Turned the PC off and started it again.
33 * Formatted the replacement USB Stick from Secure-U
34 * Turned the PC off and started it again.
35 * Copied the software
36 * Installed the software with execute.sh
37 * Took note of the checksum (all of the people on site)
38 * Copied the script output logs to the usb stick.
39 * Turned the PC off
40 * Handed the USB Stick to Bas
41 * Turned the PC on and started it again to start memtest while doing the datacenter visit
42
43 Data center visit:
44 * Connected a monitor and keyboard to the signer
45 * Received the USB stick from Bas
46 * Inserted the USB stick into the signer
47 * Synced the time and date of the signer
48 * Create the ramfs and copied the documented files from the USB stick to the ramfs
49 * Checked the checksums
50 * Copied the key and certificate to the ramfs
51 * started main
52 * main complained about not able to load the certificate
53 * Verified the contents of the root.crt, turned out to be the key
54 At this point the contents of the private key file might have ended up in the script log
55 * Stopped the script log
56 * umounted the tmpfs (RAM)
57 Doing it all again
58 * Created the ramfs and copied the documented files from the USB stick to the ramfs
59 * Checked the checksums
60 * Copied the key and certificate to the ramfs
61 * started main
62 * Inspected the results, they looked fine
63 * Noted down the checksum
64 * Copied the results to the usb stick and the server directory.
65 * exited the script logger
66 * copied the script log outputs to the USB stick
67 * verified that this data was on the USB stick
68 * umounted and ejected the stick
69
70 Copying it to the webserver:
71 * Inserted the stick into the webserver
72 * logged in onto the webserver
73 * Copied the files to the webserver
74 * ejected the USB stick
75 * Handed the USB stick to secure-U
76
77 In the workplace again:
78 * Checked memtest, it ran for more than 53 minutes without errors,
79 only to show 1 memory bank having about 500G ram, which might be a
80 strange bug somewhere, probably not inflicting the memorytest
81 (total mem shown was 12G)
82 * Shut down the PC
83 * Handed over the USB stick with program input,
84 The USB Stick with program output
85 The ubuntu DVD
86 all over to Benedikt.
87 * Packed our stuff and left.
88
89 -- end.
Attached Files
To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.You are not allowed to attach a file to this page.