Skip to main content

Verifying Hardened Services

In Step 2: Setting Policies, you were instructed to set the cryptographic policy to one of the settings. This setting places limitations on access to the device's management interfaces. It only takes effect on the next reboot or service restart. (It is assumed that the device has not been rebooted at this point.)

To avoid accidentally locking yourself out of the device, you should verify that you can establish connections to the CLI and Web management interfaces with the selected cryptographic policy in place before disabling insecure services (see Disabling Insecure Management Interfaces and Unused Services).

Note

The verification of hardened services should be done before connecting the encoder to an IP network.

(Makito X SDI Encoders and X/X4 Rugged Encoders only) If you have been using the encoder's serial port up to now, you will need to connect the trusted computer to the network port of the encoder with an Ethernet cable at this point.


To begin the verification, do the following:

  1. Reboot the Makito X  Series device.
    $ reboot

  2. When the device has finished rebooting (status LED stops flashing), proceed with the verification of the SSH service.

To verify the hardened SSH service, do the following:

  1. Try to connect to the hardened SSH interface:
    $ ssh initialadmin@10.5.1.2

    It is possible that the SSH client will report a key change on the system. Keys not supported by the device in its hardened state (such as DSA) are deleted when the compliance policy takes effect. If they were used previously, the SSH client will notice and complain.

  2. If you are able to connect, re-configure the date and time using dtconfig as described in Setting the Date and Time. Continue by verifying the HTTP service (see following task).

    • If you are unable to connect, try again using a different SSH client.

    • If you are unable to make a connection with SSH or the Web interface (HTTPS) described next, you must perform a factory reset (see "Resetting the Encoder" in the  associated User's Guide.).
      Note that after doing so, your Makito X Series device cannot be operated in a hardened state. You will need to re-start the hardening steps to bring the device into a secured state.

To verify the hardened HTTP service, do the following:
  1. Try to connect to the hardened Web Interface by typing the device's default IP address (10.5.1.2 ) in a Web browser.
  2. If you are unable to connect, verify the security setting of your browser or try again using a different browser.

Once you have successfully verified the hardened services, you can proceed with disabling insecure services.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close