| Anchor | ||||
|---|---|---|---|---|
|
...
Network Sentinel HASP keys
The Network Sentinel HASP key (red dongle) can be shared between several hosts running CHARON-VAX including the host on which the network license is installed.
If CHARON-VAX is installed on the host where the network key is connected, no additional steps are required. The Sentinel driver is activated as part of the CHARON-VAX installation. If the host does not have CHARON-VAX installed, the host can still distribute the connected network license to CHARON-VAX instances running on other hosts. In this case the Sentinel driver must be installed on the host manually.
The Sentinel run-time driver is distributed as a separate RPM package in the CHARON-VAX kit. Please see the "License installation" section of this chapter for details.
Once the Sentinel run-time driver is installed and the network license is connected, CHARON-VAX can be started on any appropriate host on the LAN network segment. In the current CHARON-AXP/VAX versions, a network license controls the maximum overall number of active instances, which can be distributed across client host systems according to the preference of the customer.
Software licenses
The CHARON-VAX Software License is a "virtual" key with exactly the same functionality as the hardware dongle.
...
Disable remote keys access
A helpful feature of the Sentinel Admin Control Center is the ability to disable access to remote keys. If the network key is installed locally, access to the key from remote hosts can be disabled. The following examples demonstrate how this can be done.
To disable access to remote keys, switch to the "Access to Remote License managers" tab, uncheck the "Allow Access to Remote Licenses" checkbox and press the "Submit" button to apply this setting:
To disable access to the locally installed license key from remote hosts, switch to the "Access from Remote Clients" tab, uncheck the "Allow Access from Remote Clients" checkbox and press the "Submit" button to apply this setting:
Accessing Sentinel Admin Control Center from remote hosts
By default, the Sentinel Admin Control Center forbids accessing its web interface from remote machines. To allow access, configure the ACC for remote management.
The first step is to edit the "hasplm.ini" file:
|
Allow remote access by changing the "ACCremote" parameter from "0" to "1" then restart the Sentinel Admin Control Center run-time:
# /etc/init.d/aksusbd restart |
If the CHARON-VAX host firewall is blocking remote access to the Sentinel Admin Control Center, please configure the firewall to open the port 1947 (TCP protocol). Refer to the Linux documentation for details on how to configure the firewall. It is also possible to use SSH port forwarding with the following command (replace "CHARON_MACHINE" by the real CHARON-VAX host name):
# ssh -L8080:CHARON_MACHINE:1947 root@CHARON_MACHINE |
This will expose the Sentinel Admin Control Center on port 8080 to any computer and it will believe commands are coming from the local host.
License management utilities
CHARON-VAX for Linux provides a specific utility for license management - "hasp_srm_view". This utility is used to display the license(s) content, to collect key(s) status information and host fingerprint (C2V) files.
| Info |
|---|
Applying updates (".v2c" files) is typically done using the Sentinel Admin Control Center (see above) but alternatively it is also possible to use the specific "hasp_update" utility. |
Please refer to the Utilities section of this Guide for more details.
Removing CHARON-VAX software licenses
The following procedure must be applied to remove software license:
- Using your web browser, open the http://localhost:1947 page to access the "Sentinel HASP Admin Control Center" (ACC).
- In the "Sentinel HASP Admin Control Center" (ACC), locate the target "Sentinel SL AdminMode" license.
- Press the "Certificates" button at the right side of the SL description:
- Note the name of the corresponding certificate and path to the certificates base in the "Certificates" section.
- Remove the target certificate file from the specified directory, in most cases: "
/var/hasplm/installed/68704/". - Reboot the CHARON host.
- Start the "Sentinel HASP Admin Control Center" (ACC) again to ensure that the SL has been removed.
License Deinstallation
To completely remove a CHARON-VAX license from a host, it is enough to remove the Sentinel run-time daemon (and the package "charon-license-<...>.rpm" containing the run-time customization) using the following command:
# rpm --nodeps -e aksusbd charon-license-<...> |
Then just physically disconnect the license key (in the case of protection by dongles).
Special "backup" license keys
Backup keys are provided by STROMASYS along with standard license dongles. It is strongly recommended to order a backup key to recover immediately from damage or loss of the main license key. Backup keys use a counter (integer) value hardcoded inside the key. This integer value is a number of hours CHARON-VAX is allowed to run. Each time CHARON-VAX checks the license (every hour), the value is decreased (by 1 hour).Please note that backup keys have restricted functionality:
- CHARON run time is typically limited to 720 hours (30 days). This should be more than enough time to get a replacement from STROMASYS.
- A backup license may be valid only until a certain date. Please check with STROMASYS management.