Black Box ET0010A User Manual
ETEP Configuration
328
EncrypTight User Guide
●
Maximum number of concurrent login sessions allowed per user
●
The number of login failures allowed before locking an account
The strong password policy enforces more stringent password rules and conventions than the default
password policy. The default password policy is enforced unless you explicitly enable the strong
password policy.
password policy. The default password policy is enforced unless you explicitly enable the strong
password policy.
NOTE
Enabling strong password enforcement restarts the SSH daemon, closing any open SSH connections
between ETEMS and the ETEP. It can take up to 30 seconds to re-establish an SSH connection after
enabling strong passwords.
between ETEMS and the ETEP. It can take up to 30 seconds to re-establish an SSH connection after
enabling strong passwords.
Related topics:
●
●
XML-RPC Certificate Authentication
The remote user certificate authentication on the ETEP is required to support the Common Access Card
(smart card) feature in an EncrypTight deployment.
(smart card) feature in an EncrypTight deployment.
The EncrypTight system supports the use of smart cards such as the DoD Common Access Card (CAC).
The use of a CAC provides user authorization in addition to certificate-based authentication. When you
use CACs, EncrypTight components use the certificates installed on the card to determine if a user is
authorized to perform a specific action.
The use of a CAC provides user authorization in addition to certificate-based authentication. When you
use CACs, EncrypTight components use the certificates installed on the card to determine if a user is
authorized to perform a specific action.
Setting up the ETEP to use a CAC involves several tasks:
1 Install certificates on the ETEPs. This task is performed using the EncrypTight software.
2 Enable strict authentication on the ETEPs.
3 Enable Common Access Card Authentication on the ETEPs
4 Add common names to the existing user accounts on the ETEPs, or add new user accounts with
2 Enable strict authentication on the ETEPs.
3 Enable Common Access Card Authentication on the ETEPs
4 Add common names to the existing user accounts on the ETEPs, or add new user accounts with
common names. These names must match the common names used on the identity certificates
included on the CACs.
included on the CACs.
Additional steps are required to prepare the EncrypTight workstation and ETKMS to use strict
authentication with smart cards. Be sure to complete all of the required steps in order, as described in
authentication with smart cards. Be sure to complete all of the required steps in order, as described in
Related topics:
●
●
●