Curtiss-Wright DTS1 User Manual Download Page 87

Page: 87 / 140

User Guide

DDOC0099-000-AH

DTS1 CSfC

12 - 5

Command Line Interface

Revision 5.0

12.3.3

cmkey

NOTE

The DTS1 has only 1 RMC slot. As a result, the -s option is always -s 0.

Description

The cmkey command allows for management of keys on the crypto module. For status

information, issue cmkey without options.

Syntax

cmkey

[

-h

--help

--version

]

cmkey -e

KEY -m

MAC

[

-s

SLOT] [

--save

LOC]

[-F

]

cmkey -p

PSK

-d

DEK

[

-s

SLOT] [

--save

LOC] [

-F

]

cmkey -s

SLOT [

--load

LOC |

--auto

--unload

] [

-F

]

cmkey --del

LOC

cmkey --kek

cmkey --zero

[

--nowait

]

Options

-h

--help

............................Print help message

--version

............................Print program version

--auto

..................................Auto-load the saved key for RMC selected by -s.

--save

<loc> ........................Save key to non-volatile memory location (0-31).

--del

<loc>..........................Delete/zeroize a saved key.

--load

<loc> ........................Load a saved key for RMC selected by -s.

--unload

..............................Unload/zeroize key from RMC selected by -s.

-s

--slot

<num>................RMC slot number (0, all) for which to load/install a key.

-e

--ekey

<hex>.................Encrypted DEK (data encryption key) 40 byte value represented by

80 hex characters.

-m

--mac

<hex> ...................MAC (message authentication code) 48 byte value represented by

96 hex characters.

-p

--psk

..............................Plain Text PSK (pre-shared key) 32 byte value represented by 64

hex characters.

-d

--dek

..............................Plain Text DEK (data encryption key) 32 byte value represented by

64 hex characters.

-k, --kek ............Generates KEK (key encryption key).

-r, --resetkek

................Reset the key used to encrypt the KEK to the PSK.

NOTE

Must provide existing PSK (-p option) when using this option.

-u

--userpsk

.....................User defined plain text PSK (pre-shared key) 32 byte value

represented by 64 hex characters.

NOTE

The --zpsk option will restore the unit back to a state prior to assignment of the PSK making the

unit inoperable. Will prompt user prior to performing the erase.

--zpsk

..................................Zeroize the crypto unit PSK.

-Z

--zero

............................Zeroize crypto module. Clears all saved/loaded keys.

--nowait

..............................Do not wait until zeroization is complete before returning.

-F

--force

..........................Force key load to RMC if key mismatch is detected.

NOTE

Options -

-save, --del

, and

--load

operate on 32 non-volatile memory locations for key

storage. These locations are within the crypto module. For security, the saved keys cannot be

retrieved or viewed. Use of these memory locations is not required, and must be explicitly

requested with option -

-save

when entering a key. By default, keys are directly loaded/installed

for the RMC selected with option

-s

Example: Get status regarding keys

cw_dts>

cmkey

[cmkey]

CMKEY: id=<int> init= login= s0= s1= s2= deks=<mask> status=<sts>

[!cmkey] <summary>

Summary of Contents for DTS1

Page 1: ...DTS1 CSfC ECC Cryptographic Data Transport System User Guide Part Number DDOC0099 000 AH ...

Page 2: ...This Page Intentionally Left Blank ...

Page 3: ...stem 0919 0001 DDOC0099 000 PDF AA 09 19 19 Revised encryption password passphrase requirements 0919 0005 DDOC0099 000 PDF AB 10 25 19 Revised to include video stream capture Additional revisions corrections as noted by change bars 1019 0014 DDOC0099 000 PDF AC 3 27 20 Revised format and style of illustrations and tables Technical changes incorporated as noted by change bars 0320 0012 DDOC0099 000...

Page 4: ...esent in the equipment CAUTION HAZARD A potential hazard that could result in equipment damage or improper operation Information contained in CAUTIONS applies to dangers and hazards that may result in damage to equipment or improper operation The actual hazard is provided in CAPITALIZED letters and the information that mitigates the danger is provided in sentence case This information typically pr...

Page 5: ...or at a prompt ENTER Special keys on the keyboard such as enter alt and spacebar Save Software command buttons and sections of dialog boxes such as group boxes text boxes and text fields File Open A menu and a specific menu command ALT F1 Pressing more than one key at the same time ALT TAB Pressing more than one key in sequence xx yy Variable in error messages and text jobfile dat File names This ...

Page 6: ...ftware Encryption Layer 2 6 2 3 3 Zeroize 2 6 2 4 Features 2 6 Controls and Indicators 3 1 Chassis Indicators 3 1 3 1 1 POWER LED 3 1 3 1 2 FAULT LED 3 1 3 1 3 KEY LOADED LED 3 1 3 1 4 DRIVE CAPACITY LEDs 3 1 3 2 Chassis Controls 3 2 3 2 1 Key Clear Button 3 2 3 2 2 Write Enable Switch 3 2 3 3 RMC Module Controls Indications 3 2 3 3 1 STATUS LED Green Left 3 2 3 3 2 ACTIVITY LED Green Middle 3 3 3...

Page 7: ...1 1 Initialize Container Unpartitioned Disk 5 8 5 4 1 2 Open SWE Container Unpartitioned Disk 5 9 5 4 1 3 Format Mount SWE Container Unpartitioned Disk 5 9 5 4 1 4 Close SWE Container Unpartitioned Disk 5 9 5 4 1 5 Delete SWE Container Unpartitioned Disk 5 10 5 4 2 Partitions 5 10 5 4 2 1 Initialize SWE Containers Partitions Different Passphrases 5 10 5 4 2 2 Open SWE Container Partitions Differen...

Page 8: ...s 7 8 7 5 3 1 Assign Services 7 8 7 5 3 2 Boot Services 7 9 7 5 3 3 Restart Services 7 9 7 5 4 Assign Mount Point Names 7 10 7 5 5 Format Mount 7 11 7 5 5 1 Format Only 7 11 7 5 5 2 Format Mount 7 12 7 5 6 iSCSI 7 14 7 6 PCAP 7 15 7 7 Health 7 16 7 7 1 Sens 7 16 7 8 Built In Test 7 17 7 8 1 IBIT Initiated BIT 7 17 7 8 2 MBIT Maintenance BIT 7 17 7 9 Update Software Firmware 7 18 7 10 Access from W...

Page 9: ...2 2 RMC Module 12 1 12 3 Commands 12 1 12 3 1 amnt 12 2 12 3 2 cmfwupdate 12 4 12 3 3 cmkey 12 5 12 3 4 cmlogin 12 8 12 3 5 dhcpconfig 12 10 12 3 6 fdefaults 12 12 12 3 7 fupdate 12 13 12 3 8 fwall 12 14 12 3 9 help 12 16 12 3 10 ibit 12 17 12 3 11 info 12 18 12 3 12 ipconfig 12 20 12 3 13 istarget 12 22 12 3 14 ledctrl 12 24 12 3 15 log 12 25 12 3 16 mbit 12 26 12 3 17 ntpdate 12 28 12 3 18 passw...

Page 10: ...ions A 4 A 3 RMC Module Specifications A 4 A 4 Mean Time Between Failures A 4 A 5 Environmental Specifications A 5 A 6 EMI Compliance A 6 A 7 Electrical Power Compliance A 6 Connectors Cables B 1 Power Connector J1 Power Lab Cable B 1 B 2 Utility Connector J2 Utility Lab Cable B 2 B 3 Ethernet Connector J3 Ethernet Lab Cable B 3 B 4 Ground Lug B 5 Ordering Information C 1 DTS1 RMC Module Lab Cable...

Page 11: ...re 4 5 DTS1 Rear Panel Connectors 4 3 Figure 4 6 Power Lab Cable 4 3 Figure 4 7 Utility Lab Cable 4 4 Figure 4 8 Ethernet Lab Cable 4 4 Figure 4 9 DTS1 Ground Connection 4 5 Figure 5 1 Key Storage Diagram 5 6 Figure 6 1 Initialization Quick Start Process Flow 6 2 Figure 6 2 Login Quick Start Process Flow 6 4 Figure 7 1 DTS1 Test Setup 7 1 Figure 7 2 PuTTY Terminal Emulator Serial Data 7 2 Figure 7...

Page 12: ...Error Codes 9 2 Table A 1 DTS1 RMC Calculated Mean Time Between Failures A 4 Table B 1 Power Connector J1 Signals B 1 Table B 2 Power Lab Cable VS DTS1PWRCAB 0 B 1 Table B 3 Utility Connector J2 Signals B 2 Table B 4 Utility Lab Cable VS DTS1ETHCAB J2 B 3 Table B 5 Ethernet Connector J3 Signals B 4 Table B 6 Ethernet Lab Cable VS DTS1ETHCAB J3 B 4 Table C 1 DTS1 CSfC Chassis C 1 Table C 2 RMC Modu...

Page 13: ...rt and timely product delivery Our quality commitment begins with product concept and continues after receipt of the purchased product Curtiss Wright Controls Inc Electronic Systems Quality Management System is accredited to the latest revision of the aerospace standard AS9100 Quality Management Systems Requirements for Aviation Space and Defense Organizations Our Quality System addresses the foll...

Page 14: ...includes comprehensive support information designed to answer any technical questions that might arise concerning the use of this product We also publish and distribute technical briefs and application notes that cover a wide assortment of topics Although we try to tailor the applications to real scenarios not all possible circumstances are covered While we have attempted to make this document com...

Page 15: ... Interface CLI via RS 232 or Ethernet Telnet or SSH The CLI utilizes Curtiss Wright s proprietary command structure which includes built in Help The DTS1 uses the Commercial Solutions for Classified CSfC specification and associated dual layer data security system to provide a NSA acceptable data encryption method Data is encrypted by hardware and software to fulfill the CSfC dual layer requiremen...

Page 16: ...1000 Ethernet ports connectors J2 and J3 Figure 2 3 are available for network connections supporting NFS CIFS FTP iSCSI PCAP and HTTP file transfer protocols The DTS1 also supports the Preboot eXecution Environment PXE giving remote computers the capability to boot from files stored on the DTS1 Connector J2 also supports RS 232 communication protocol primarily used for configuring the DTS1 as well...

Page 17: ... The RMC module is accessed via a sealed door with a quarter turn latch located on the front panel of the unit The RMC module within the DTS1 is also a rugged compact unit that can be personally transported with minimal precautions to a secure location or deployment Figure 2 5 DTS1 With RMC Module DDOC0099 0005 Battery Access Panel Ethernet Power Ground Stud Ethernet RS 232 DDOC0099 0019 Processor...

Page 18: ...ity Agency NSA specification The CSfC program requires multi layered security Hardware data encryption is used for the first security layer The second security layer is software data encryption Both encryption processes are performed in the DTS1 one in the HW crypto module the other by the Processor The hardware encryption key is retained in the DTS1 crypto module memory the software encryption ke...

Page 19: ...ares the user HMAC and the HWE layer HMAC If they are the same the user is logged in If they do not compare the user is denied access TERMINAL PC DTS1 CLI HARDWARE CRYPTO LAYER Internally Generate 32 byte User Token Key PSK Keywraps User Token Key AES256 Keywrap PSK Generate HMAC User Token Key and PSK Send Encrypted User Token Key and HMAC Login Create Account on Hardware Encryption Layer Validat...

Page 20: ...the software encryption has been performed the RMC module can be formatted and mounted Subsequent use of the RMC module is dependent upon the proper encryption key passphrase being entered using the CL Failure to enter the proper information will result in the RMC module being inaccessible for data storage or use 2 3 3 Zeroize There are two methods to zeroize the DTS1 Local Remote To locally initi...

Page 21: ...EE 802 3 802 u and 802 ab Front panel controls and indicators POWER LED green FAULT LED red KEY LOADED LED yellow DRIVE CAPACITY LEDs KEY CLEAR Button Built In Test BIT capability Provides overall health and status and out of limits detection and notification Start up BIT SBIT displayed upon start up Periodic BIT PBIT Initiated BIT IBIT Maintenance BIT MBIT Test control via CLI health status query...

Page 22: ...ng utilizing Dzus quarter turn fasteners Platform mounting utilizing standard L brackets RMC module accessed via environmentally sealed front door with quarter turn locking mechanism Data encryption Elliptical Curve Cryptography ECC AES 256 in line battery backed up encryption module for encryption of data at rest prior to storage on RMC module NIST FIPS 140 2 certifiable External encryption key l...

Page 23: ... LED may illuminate for a short time after power is applied during booting and will extinguish if the Built In Test BIT passed The periodic BIT will illuminate this LED if it detects an anomaly such as an out of tolerance voltage level If an error or failure has occurred in the encryption hardware or software the FAULT LED will light and no encrypted data can be transferred If the FAULT LED remain...

Page 24: ...D LED will turn off In order to use the unit again the encryptor will require reinitialization and any previously loaded credentials and keys to be reloaded 3 2 2 Write Enable Switch The write enable switch Figure 3 3 is used to lock the USB flash memory so it cannot be inadvertently changed The switch is placed in the READ WRITE position to configure the flash memory After the configuration is se...

Page 25: ... Button Press and hold this button for three to five seconds to request removal of the RMC module The STATUS LED will blink at 5Hz for two seconds to acknowledge the request After acknowledgment the system will unmount and prepare the RMC module for removal When the RMC module is ready for removal the STATUS LED will blink one time every five seconds Removal may also be requested with the CLI comm...

Page 26: ... consists of a DTS1 chassis and a RMC module Additional accessories may be included if ordered All received items should be inspected for damage Inspect all units as follows All screws should be tight The door gasket should be free from any cuts crushing or flattening damage All anti tamper labels Figure 4 1 and Figure 4 2 should be unbroken All components should be free from any dents cracks or d...

Page 27: ...uctions and temperatures around equipment and possible detrimental surface temperatures due to conducted heat See paragraph A 5 Environmental Specificationsfor thermal limit specifications Mechanical mounting of the DTS1 requires compliance to MIL STD MS25212 This will require the acquisition of the appropriate mounting components and precise installation per the selected platforms mounting specif...

Page 28: ...ar Panel Connectors 4 4 1 Power Cable The Power Lab Cable VS DTS1PWRCAB 0 Figure 4 6 is used to make power connections to the DTS1 The DTS1 requires an input power of 28 volts and ground Refer to paragraph B 1 Power Connector J1 Power Lab Cable for connector pin signal information Figure 4 6 Power Lab Cable DDOC0099 0007 0 994 25 24 4 00 101 6 3 25 82 5 DDOC0099 0009 Ethernet RS 232 Ethernet Power...

Page 29: ...nections The 19 pin connector P1 mates to DTS1 J2 The RJ 45 plug P2 connects to a terminal or PC Ethernet port The DB 9 connector J1 mates to a terminal or PC serial port The audio jack J2 connects to user configured switches for zeroization and reboot Figure 4 7 Utility Lab Cable 4 4 3 Ethernet Cable The Ethernet Lab Cable VS DTS1ETHCAB J3 Figure 4 8 is used to make network connections to the DTS...

Page 30: ...4 4 Ground Cable A ground cable is required but not provided The ground cable DTS1 Ground Connection terminal is installed on the DTS1 ground stud E1 The provided nut should be torqued to 18 in lb to ensure proper connection Figure 4 9 DTS1 Ground Connection DDOC0099 0047 Ground Cable Torque Nut to 18 in lb ...

Page 31: ...he hardware layer password can be incorrectly entered two times without issue On the third try if an incorrect password is entered the hardware layer key will automatically zeroize Once this occurs the DTS1 will need to be reinitialized with the correct password Software Layer The software layer password passphrase can be incorrectly entered four times without issue On the fifth try if an incorrec...

Page 32: ...on present fmt na 0 not formatted 1 formatted mnt na 0 not mounted 1 mounted Example 5 2 1 Hardware Layer Definitions NOTE The cmkey command applies only to the hardware encryption layer The software encryption layer is controlled by options associated with the rmcctl command The key management command cmkey provides the user the ability to compose keys load and unload keys to the RMC module save ...

Page 33: ...tore a key to the CM memory Load Move copy the saved key from the CM memory to the encryption chip serving a specified RMC module slot Unload Removal of the key from the CM encryption chip Delete Removal of the key from the CM memory 5 3 Hardware Layer Encryption 5 3 1 Initialize Login Crypto Module NOTE username and password are selected and entered by the user User name u requirement is 1 15 cha...

Page 34: ...ny key previously installed Entering a plain text DEK or an encrypted DEK EDEK is required to access the RMC The EDEK provides additional security but requires additional effort on the part of the user 5 3 3 1 Access RMC Module Plain Text DEK NOTE The DEK is a user generated 64 character string 1 To access the RMC enter the DEK and PSK 2 Type cmkey s 0 d p force and press ENTER key Example cw_dts ...

Page 35: ...e EDEK string m MAC string force and press ENTER key Example 5 3 4 Hardware Encryption Key Storage NOTE Encryption keys are associated with individual RMC modules As a result up to 32 separate keys can be saved for 32 individual RMC modules The save option is an optional command that will save the key entered to a specified crypto module location There are 32 locations available 0 through 31 The s...

Page 36: ... HEX status OK cmkey OK 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ...

Page 37: ...e be identified by slot number s 0 To unload a key from the RMC module type cmkey unload 0 thru 31 s 0 and press ENTER key Example 5 3 4 5 Autoload Key NOTE The auto load command is not required when reinstalling or swapping a RMC module whose key is saved in the crypto module nor is it required between power cycles provided the login creden tials are saved This command automatically matches the c...

Page 38: ...partitioned Disk Disks cannot be partitioned after software encryption has been performed 5 4 1 1 Initialize Container Unpartitioned Disk CAUTION DATA LOSS Initializing SWE will overwrite destroy any existing data on the disk As a result the force option must be used Initialize a Software Encryption SWE container on an RMC module as follows 1 Type rmcctl force C and press ENTER key NOTE After the ...

Page 39: ...npartitioned Disk NOTE NTFS format is not allowed on a software encrypted RMC module After opening the SWE container it can be formatted mounted and used To format only Command rmcctl F Example of RMC Module Status To format and mount Command rmcctl F M Example of RMC Module Status 5 4 1 4 Close SWE Container Unpartitioned Disk NOTE To close the SWE container it must be unmounted 1 Type rmcctl U a...

Page 40: ... has be issued the user must acknowledge that all data on the partition will be overwritten c At the overwrite query prompt type YES and press ENTER key NOTE Refer to paragraph 5 1 2 Software Layer Passwords Passphrases for requirements 2 Enter a password passphrase that complies with the password passphrase requirements and press ENTER key d Reenter the password passphrase and press ENTER key If ...

Page 41: ...module as follows a Type rmcctl p1 E and press ENTER key b Enter the partition 1 password passphrase and press ENTER key If the passphrase is entered correctly the following message will be displayed RMC_C0 action enter status OK Resetting attempts to 0 Example of RMC Module Status 2 Open the SWE container on partition 2 of a 100GB RMC module as follows a Type rmcctl p2 E and press ENTER key b Ent...

Page 42: ...es and meets the requirements the following message will be displayed RMC_C0 action cryp status OK 3 Partition 2 a At the overwrite query prompt type YES and press ENTER key b Enter the same password passphrase for partition 2 and press ENTER key c Reenter the password passphrase and press ENTER key If the passphrase is entered correctly both times and meets the requirements the following message ...

Page 43: ...C module partitions After opening the SWE containers on individual partitions they can be formatted mounted and used To only format the SWE containers Command rmcctl p all F Example of RMC Module Status To format and mount the SWE containers Command rmcctl p all F M cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 50 GB NAS 1 1 0 na 0 rmc0p1 RMC_...

Page 44: ...al Partitions To delete a SWE container Command rmcctl p 2 D Example of RMC Module Status cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 100GB NAS 1 1 ext4 1 0 rmc0p1 RMC_S0 1 1 1 2 25 GB NAS 1 1 ext4 1 0 rmc0p2 rmcctl OK cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 100GB NAS 1 1 ext4 1 0 ...

Page 45: ...nsecutively Zeroization affects only the crypto module HWE key It does not affect the RMC module The data on the RMC module is still accessible If the RMC module can be placed in another DTS1 with the same DEK EDEK loaded in its crypto module If the DEK can be restored reloaded 5 5 2 Delete SWE Container Refer to paragraph 5 4 1 5 Delete SWE Container Unpartitioned Disk paragraph 5 4 2 9 Delete SW...

Page 46: ...erwrite Command rmcpurge s 0 N Example Normal erase of RMC module in slot 0 2 Purge all RMC modules with enhanced overwrite Command rmcpurge s all E Example Enhanced erase of all RMC modules cw_dts rmcpurge s 0 N rmcpurge RMC_P0 status OK 0 rmcpurge OK cw_dts rmcpurge s all E rmcpurge RMC_P0 status OK RMC_P1 status OK RMC_P2 status OK rmcpurge OK ...

Page 47: ... At a minimum the DTS1 CSfC must have an RMC installed and be connected to both a computer and 28 VDC power source 1 Turn door latch CCW open door and insert RMC into DTS1 2 Connect lab power cable between 28 VDC source and DTS1 connector J1 3 Connect lab utility cable between user computer Ethernet port and DTS1 connector J2 4 Turn on 28 VDC source 5 Log into user computer NOTE If unit has been i...

Page 48: ...here are no requirements other than being able to remember it NOTE loc refers to location 0 through 31 where key will be stored 7 Create save encryption key cmkey d DEK string p Curtiss Wright provided PSK string save loc User DTS1 Hardware Encryption Software Encryption 3rd Party Application Legend Hardware Software Check RMC Status rmcctl Check RMC Status rmcctl Generates User Token Generates Ch...

Page 49: ...When prompted enter password passphrase 13 Open software encryption container rmcctl E 14 When prompted enter same password passphrase as previously entered 15 View RMC status rmcctl DTS1 is ready to use with CSfC encryption 6 3 Login After encryption has been initialized subsequent use requires only following the login process Refer to Figure 6 2 for a login flowchart 1 Generate challenge cmlogin...

Page 50: ...ncryption 3rd Party Application Legend Check RMC Status rmcctl Check RMC Status rmcctl Generates Challenge String Provide RMC Status RMC Accessible With CSfC Encryption Enabled Generates HMAC String DDOC0099 0049 HMAC STRING Generate Challenge cmlogin u p L Log Into Crypto Module cmlogin M Open Software Encrypted Container rmcctl E Enter Password Passphrase Load Encryption Key cmkey load loc s 0 H...

Page 51: ...ses due to implementation of a software command 7 1 Setup Connections NOTE The DTS1 is powered by a user supplied 28 VDC power supply and does not have a power switch of its own The DTS1 is powered up by turning on the 28 VDC supply 1 If not previously accomplished connect cables to DTS1 connectors Figure 7 1 2 If not previously accomplished connect cables to terminal PC connectors 3 Turn on 28 VD...

Page 52: ...Line Interface CLI using the RS 232 port Serial port accesses is recommended for initial configuration of the DTS1 The terminal emulation program should be set to 9600 bps 8 bits no parity one stop bit and no flow control The CLI is also accessible via Ethernet using Secure Shell SSH The default IP addresses are shown in Table 7 1 Simple Network Management Protocol SNMP is also available to commun...

Page 53: ...ogin prompt type admin b At the password prompt type istrator 7 2 1 2 Ethernet This section explains setting up communications using secure shell SSH and a PuTTY terminal emulator 1 If not previously accomplished download a copy of PuTTY terminal emulator and install on computer 2 Open PuTTY terminal emulator Figure 7 3 Figure 7 3 PuTTY Terminal Emulator SSH 3 Configure PuTTY as follows Connection...

Page 54: ... 7 2 3 Account Management The DTS1 operating system has two accounts admin default password is istrator user default password is password The admin account is used to setup and configure the unit via the CLI The user account can only access the RMC module and cannot change or update any operational parameters The Hardware Encryption HWE layer and Software Encryption SWE layer each have one account...

Page 55: ...time and date appear in some status displays and messages To display the current date and time type sysdate and press ENTER key Example NOTE The date must be entered as yyyy mm dd The time must be entered as hh mm ss To change the current date type sysdate d yyyy mm dd and press ENTER key Example To change the current time type sysdate t hh mm ss and press ENTER key Example To change the current d...

Page 56: ...ng the SWE container s The RMC module data is destroyed via the rmcpurge command Refer to paragraph paragraph 5 5 Zeroize HWE Key Delete SWE Container RMC Purge for additional information 7 5 Storage Media NOTE The DTS1 must have the hardware encryption layer initialized and open before the RMC module storage media can be accessed If desired the RMC module disk can be used without partitioning The...

Page 57: ...tion must be 100MB or greater Command rmcctl P 4 10GB 50GB 20GB 20GB cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 100GB NONE 0 na 0 na 0 rmcctl OK cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 100GB NONE 0 na 0 na 0 rmcctl OK cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm ...

Page 58: ...be done as two separate commands Command rmcctl p 1 serv NAS rmcctl p 2 serv NAS Example of RMC Module Status cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 10 GB NONE 0 na 0 na 0 RMC_S0 1 1 1 2 50 GB NONE 0 na 0 na 0 RMC_S0 1 1 1 3 20 GB NONE 0 na 0 na 0 RMC_S0 1 1 1 4 20 GB NONE 0 na 0 na 0 rmcctl OK cw_dts rmcctl rmcctl RMC_S ins hcryp osdr ...

Page 59: ...cp ftp http nfs snmp tftp tel Example Command serv cifs 1 ftp 1 http 1 nfs 1 Example of RMC Module Status Restart all services Command serv a 1 cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 25 GB NAS 0 na 0 na 0 rmc0p1 RMC_S0 1 1 1 2 25 GB NAS 0 na 0 na 0 rmc0p2 RMC_S0 1 1 1 3 25 GB NAS 0 na 0 na 0 rmc0p3 RMC_S0 1 1 1 4 25 GB NAS 0 na 0 na 0 r...

Page 60: ...and rmcctl mntpoint name Example of RMC Module Status Where name aaa Add a mount point name to partitions 1 and 2 of a100 GB RMC module with two partitions NOTE Must be done as two separate commands Command rmcctl p 1 mntpoint name 1 rmcctl p 2 mntpoint name 2 cw_dts rmcctl serv BOOTCFG cifs 1 nfs 1 ftp 1 http 1 dhcp 0 tftp 0 tel 0 snmp 0 status ok LIVECGFG cifs 1 nfs 1 ftp 1 http 1 dhcp 1 tftp 1 ...

Page 61: ...mat from ext4 to NTFS Format partition 2 of a 100 GB RMC module with two partitions as NTFS Command rmcctl p 2 F fs NTFS Example of RMC Module Status cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 50 GB NAS 0 na 0 na 0 aaa RMC_S0 1 1 1 2 50 GB NAS 0 na 0 na 0 bbb rmcctl OK cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt...

Page 62: ...nt NOTE NTFS format is not supported on an unpartitioned RMC module Format ext4 mount an unpartitioned 100GB RMC module Command rmcctl F M cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 50 GB NAS 0 na ext4 0 0 rmc0p1 RMC_S0 1 1 1 2 50 GB NAS 0 na ext4 0 0 rmc0p2 rmcctl OK cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt ...

Page 63: ...le Status NOTE Add the force option force if changing format from NTFS to ext4 Format ext4 mount partitions 1 through 4 of a 100GB RMC module Command rmcctl p all F M cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 100GB NAS 0 na ext4 1 0 rmc0 rmcctl OK cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 ...

Page 64: ...e and press ENTER key c Type serv a 2 and press ENTER key d Type istarget start and press ENTER key Example 2 To check iSCSI status type istarget and press ENTER key Example 3 To check RMC module services type rmcctl and press ENTER key cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 1 25 GB NAS 0 na ext4 1 0 rmc0p1 RMC_S0 1 1 1 2 25 GB NAS 0 na e...

Page 65: ...ltaneously to capture packets 3 To start capturing packets a Via Ethernet port 0 type pcap i eth0 s 0 start file name 1 and press ENTER key Example b Via Ethernet port 1 type pcap i eth1 s 0 start file name 2 and press ENTER key Example 4 To get pcap status type pcap stat and press ENTER key Example cw_dts rmcctl rmcctl RMC_S ins hcryp osdr p size serv scryp osdm fmt mnt rem mntpoint RMC_S0 1 1 1 ...

Page 66: ...monitor critical environmental and operational parameters The software provides this information to the user via the CLI when commanded A FAIL status will be posted for any values that are out of tolerance 7 7 1 Sens To view operating voltages and temperatures and their status type sens and press ENTER key NOTE Values provided in example are typical As long as the sensed value is between MIN and M...

Page 67: ..._________________ SENSOR VALUE MIN MAX STATUS V_ETH_CORE 1 04 1 00 1 10 Pass V_ETH_VDDa 1 86 1 70 2 10 Pass V_ETH_VDDd 1 90 1 70 2 10 Pass V_ETH_VDD 1 81 1 60 2 00 Pass V_MAIN_12V 11 98 11 00 13 00 Pass V_V5 0 4 89 4 50 5 50 Pass V_V3 3 3 31 3 00 3 60 Pass V_RMC0_12 12 02 11 00 13 00 Pass V_RMC0_5 5 03 4 50 5 50 Pass V_RMC0_3 3 30 3 00 3 60 Pass CAP_OK 1 Pass V_CRYPT 3 67 3 40 3 90 Pass __________...

Page 68: ... Enable Switch for detailed location information After updating the unit set the write enable switch to the READ position The update files should be received from Curtiss Wright as a tarball compressed files package The tarball will have to uncompressed and the digital signature verified before loading the files into the DTS1 flash memory The fupdate command boots the DTS1 system into a RAM disk i...

Page 69: ...d mnt 1 See Example Example 3 If required format and mount RMC module as follows a Type rmcctl serv NAS and press ENTER key b Type rmcctl F M and press ENTER key 4 Type serv and press ENTER key to see if CIFS and NFS is enabled NFS enabled nfs 1 NFS disabled nfs 0 CIFS enabled cifs 1 CIFS disabled cifs 0 5 If NFS is disabled type serv nfs 1 and press ENTER key 6 If CIFS is disabled type serv cifs ...

Page 70: ...essed from a PC running Linux NOTE This procedure is performed via Ethernet connected to DTS1 port 0 1 Open a terminal window 2 Type ssh admin 192 168 1 1 3 Press ENTER key 4 Type istrator for password 5 Press ENTER key 6 Type serv and press ENTER key to see if NFS is enabled NFS enabled nfs 1 NFS disabled nfs 0 7 If NFS is disabled type serv nfs 1 8 In the terminal window on the Linux PC a Create...

Page 71: ...module cmkey unload Unload zeroize key from RMC module 8 1 3 Key Removal Zeroize cmkey del Delete zeroize a saved key cmkey Z Zeroize crypto module Clears any saved loaded key cmkey zpsk Zeroize the crypto unit PSK 8 1 4 Key Commands cmkey save Save key to non volatile memory location 0 31 cmkey e Encrypted DEK data encryption key 40 byte value represented by 80 hex characters cmkey m MAC message ...

Page 72: ...r detailed information about configuring the RMC module The rmcctl command without options applied returns the RMC module status When options are applied the rmcctl command performs control tasks on the RMC modules such as partitioning formatting mounting and requesting removal 8 3 1 RMCCTL Definitions The rmcctl command without options is used to determine status The response will be similar to t...

Page 73: ... Size of partitions can be specified as percent of disk or sizes in MiB MB GiB GB TiB or TB The minimum size allowed is 100MB NAS services iSCSI targets and PCAP recordings need to be inactive and the RMC module disk partitions need to be unmounted to run this command rmcctl serv Assign a service name to partition Valid names are NONE NAS iSCSI and iSCSI0 1 rmcctl U Unmount RMC module partition rm...

Page 74: ...n destroy stored data and formatting of the RMC module NOTE If problems persist contact Curtiss Wright Defense Solutions Customer Support Refer to paragraph 1 5 Technical Support for contact information The ibit command is able to detect many problems While some problems may not have a user remedy the problem s reported by the ibit CLI command should be recorded and discussed with a Curtiss Wright...

Page 75: ... Table 9 3 Encryptor Error Codes Symptoms Condition Meaning Investigative Remedial Action 0x0103 AES Memory allocation error 0x0109 AES KAT known answer test failed 0x0203 KEY_WRAP Memory allocation error 0x0209 KEY_WRAP KAT known answer test failed 0x0210 KEY_WRAP Initialization vector error 0x0303 SHA Memory allocation error 0x0309 SHA KAT known answer test failed 0x0403 HMAC Memory allocation e...

Page 76: ...hip_C POST error 0x0A80 ENCRYPTION Chip_D POST error 0x0A01 ENCRYPTION Key Load error 0x0D04 SRAM Write error 0x0D05 SRAM Read error 0x0E03 E2PROM Memory allocation error 0x0E04 E2PROM Write error 0x0E05 E2PROM Read error 0x0F03 STORAGE Memory allocation error 0x0F04 STORAGE Write error 0x0F05 STORAGE Read error 0x2002 PBKDF2 Invalid input length Table 9 3 Encryptor Error Codes Symptoms Condition ...

Page 77: ...nitions are as follows CWCDS DTS MIB DEFINITIONS BEGIN MIB for CWCDS DTS IMPORTS MODULE IDENTITY OBJECT TYPE Integer32 enterprises NOTIFICATION TYPE FROM SNMPv2 SMI OBJECT GROUP NOTIFICATION GROUP FROM SNMPv2 CONF dtsSnmp MODULE IDENTITY LAST UPDATED 201206250000Z ORGANIZATION www cwcontrols com CONTACT INFO email support curtisswright com DESCRIPTION MIB for CWCDS DTS REVISION 201206250000Z DESCR...

Page 78: ...US current DESCRIPTION Output of command ipconfig dtsSnmpValues 3 dtsRMCFREE OBJECT TYPE SYNTAX OCTET STRING SIZE 1 4096 MAX ACCESS read only STATUS current DESCRIPTION Output of command rmcfree dtsSnmpValues 4 dtsRMCCTL OBJECT TYPE SYNTAX OCTET STRING SIZE 1 4096 MAX ACCESS read only STATUS current DESCRIPTION Output of command rmcctl dtsSnmpValues 5 dtsRMCINFO OBJECT TYPE SYNTAX OCTET STRING SIZ...

Page 79: ...US current DESCRIPTION Output of command sysdate dtsSnmpValues 9 dtsIBIT OBJECT TYPE SYNTAX OCTET STRING SIZE 1 65536 MAX ACCESS read only STATUS current DESCRIPTION Output of command ibit dtsSnmpValues 10 dtsCMLOGIN OBJECT TYPE SYNTAX OCTET STRING SIZE 1 8192 MAX ACCESS read only STATUS current DESCRIPTION Output of command cmlogin dtsSnmpValues 11 dtsCMKEY OBJECT TYPE SYNTAX OCTET STRING SIZE 1 ...

Page 80: ...in until the connector makes contact 4 Apply pressure on the RMC module handle to seat the connector into the backplane connector 5 Close and latch the DTS1 door 6 If the door will not latch a Remove the RMC module and inspect the connector contacts on the RMC module and the DTS1 backplane b If no problem is found with the connectors reinstall the RMC module and try latching the door again c If th...

Page 81: ...unit straight out Figure 11 2 RMC Module Controls Indicators and Handle 11 2 Battery NOTE Battery life is estimated to be approximately 5 years As a result Curtiss Wright recommends replacing it every 5 years The DTS1 encryptor module uses a battery assembly to maintain the encryption key The status can be checked by initiating the sens command and looking at V_CRYPT response The battery should be...

Page 82: ...tiss Wright Defense Solutions Revision 1 0 Figure 11 3 Battery Assembly Replacement Figure 11 4 Battery Access Panel Screws Tightening Sequence DDOC0099 0026 Battery Access Panel Battery Assembly see Detail A Battery Connector Pins DETAIL A DDOC0099 0027 1 5 3 2 6 4 ...

Page 83: ...ormation ipconfig Configure IP interfaces istarget Control iSCSI target services ledctrl Set get duty cycle and status for DTS LEDs log View DTS1 log files mbit Perform maintenance built in tests MBIT ntpdate Retrieve system time and date from ntp server password Change login password for an account pcap Perform packet capture PCAP recording to capture network traffic rtp RTP video stream recordin...

Page 84: ...ity as a whole key key Configure auto key loading of the crypto unit nas nas Configure the auto mounting of NAS file systems on the RMC described by slot iscsi iscsi Configure the auto starting of iSCSI targets on the RMC described by slot por por Configure the operation at POR of the RMC described by slot fin fin Configure the operation at the first insertion of the RMC described by slot sin sin ...

Page 85: ...ect CLI mounting Turn off auto starting of iSCSI target RMC Turn off auto starting of iSCSI RMC at POR Turn off auto starting of iSCSI RMC at first insertion Turn off auto starting of iSCSI RMC at subsequent insertion Turn off auto starting of iSCSI RMC at canceled removal Turn on read only option for iSCSI RMC Valid during auto mounting only Doesn t affect CLI iSCSI target starting Configure the ...

Page 86: ...during the transfer and will generate a failure if verification is unsuccessful NOTE Place the provided files in the root of the NAS folder rmc_shares rmc0p1 NOTE Curtiss Wright will be the only entity who provides a firmware update Syntax cm_field_update h help v version cm_field_update f str s str cmfwupdate options Options h help Print help message v version Report application version f filenam...

Page 87: ...32 byte value represented by 64 hex characters d dek Plain Text DEK data encryption key 32 byte value represented by 64 hex characters k kek Generates KEK key encryption key r resetkek Reset the key used to encrypt the KEK to the PSK NOTE Must provide existing PSK p option when using this option u userpsk User defined plain text PSK pre shared key 32 byte value represented by 64 hex characters NOT...

Page 88: ...Status line Fields action act Action being performed slot int RMC slot number status sts Summary status for the line Enumerated types See above examples in fields int An integer value act Action zero auto save inst load unload delete sts Status message OK ERR str summary Command status summary OK ERR Example Pass plain text key load for RMC Where dek string 32 byte value represented by 64 hex char...

Page 89: ...yption Key mac str Message Authentication Code status sts Summary status for the line Enumerated types See above examples in fields str String sts Status message OK ERR str summary Command status summary OK ERR cw_dts cmkey load 5 s 0 cmkey CMKEY action inst slot int status sts cmkey summary cw_dts cmkey unload s 0 cmkey CMKEY action unload slot int status sts cmkey summary cw_dts cmkey del 3 cmke...

Page 90: ...ters M auth HMAC used for password authorization Must be completed after providing username password to enter login state The HMAC must be 96 ascii hex characters I init Initialize crypto module F force Force reinitialization if module already initialized or RMC mounted Re init zeroizes a previously initialized crypto module L login Login to crypto module Default operation when credentials are sup...

Page 91: ...nitialization indicator login b Login indicator status sts Summary status for the line Enumerated types See above examples in fields desc Description of crypto module state uninit Not initialized init Initialized ready Initialized Login complete error Error state unknown Invalid state bool Boolean status value 1 true 0 false sts Status message OK ERR str summary Command status summary OK ERR cw_dt...

Page 92: ...in Name to assign to clients o offset str Time offset from UTC in seconds Options specific to subnet declarations s subnet ip nm IP and netmask for DHCP Subnet entry Required r range ip ip Low to high range of IP addresses to provide Options specific to BOOTP declarations b bootp str Name for bootp entry Required m mac str Ethernet MAC to identify bootp client c clientid str Alternative bootp clie...

Page 93: ...5 255 255 0 int An integer value Ex 28800 7200 mac MAC address Ex 00 11 22 33 44 55 file File name for BOOTP client Ex rmc0 bootimage str Text string sts Status message OK ERR str summary Command status summary OK ERR Example View configuration sample command output Example Add subnet configuration Example Delete subnet configuration Example Add BOOTP client Example Delete BOOTP client cw_dts dhcp...

Page 94: ...cription The fdefaults command set passwords IP addresses NAS configuration etc to factory default values and clears out saved crypto credentials command history and saved ssh authorized keys Syntax fdefaults h help version go Options h help Print help message version Print program version go Proceed with restoration to factory defaults ...

Page 95: ...on 5 0 12 3 7 fupdate Descripton The fupdate command boots the DTS system into a RAM disk image where the user can install a new DTS disk image onto the system By default the new image file to be updated is uploaded via FTP or SCP into memory See paragraph 7 9 Update Software Firmware for detailed instructions ...

Page 96: ...all start Start the firewall enable Enable the firewall at boot stop Stop the firewall disable Disable the firewall at boot mask Mask the firewall restart Restart the firewall reload Reload the firewalls permanent rules perm Make action permanent dhcp Add remove dhcp ftp Add remove ftp http Add remove http iscsi Add remove iscsi targets nfs Add remove nfs telnet Add remove telnet cifs Add remove c...

Page 97: ...all Disable firewall at boot Mask firewall Restart firewall Reload firewall permanent rules Add eth0 to firewall Add ftp service to firewall Remove ftp service from firewall Add udp port 7777 to firewall permanently Remove udp port 7777 from firewall permanently Pass command to firewall cmd fwall status fwall unmask fwall start fwall enable fwall stop fwall disable fwall mask fwall restart fwall r...

Page 98: ...ays a list of commands available to the DTS admin user if no arguments are supplied For help information for a specific command use help command For example help ipconfig Alternatively run the command with h or help as an argument Syntax help help h help version help command Options h help Print help message version Print program version Examples ipconfing h help ...

Page 99: ...BIT execution Line Identifier IBIT_MON Results for system monitor subsystem IBIT_ETH Results for Ethernet subsystem IBIT_RMC Results for RMC in slot Fields mcu s Result for sysmon microcontroller i2c s Result for I2C bus volt s Result for voltage regulator monitors eth s Result for Ethernet device eth eth0 eth1 ata s Result for ATA driver log check smart s Result for disk S M A R T self assessment...

Page 100: ...sion Sysmon firmware System monitor firmware version Crypto firmware Encryption module firmware version Media slots RMC media slot count Enumerated types ver Version string ERR on error or na for not applicable num Number of slots integer summary Command status summary OK ERR Example Short form output Line Identifier DTS_INFO Firmware versions and slot count data Fields system ver Operating system...

Page 101: ...Media type options A hexadecimal value as follows Bit Mask Description 0 1 RMC E Reserved NOTE The following error examples for phony example command cmd are applicable to all commands supported by the CLI Example Invalid parameters Command errors Line Identifier INVALID Command parameter s invalid ERROR Critical error Command did not complete Enumerated types errstr Text string describing the err...

Page 102: ...hod for IPv6 O onboot Configure interface to come up on boot NOTE This will cause termination of active connections F force Force reconfiguration without reboot V view View interface status and IPv4 configuration settings Default action when other options absent V6 view6 View interface status and IPv6 configuration settings M mac View MAC addresses S Like V but status only S6 Like V6 but status on...

Page 103: ...ator status sts Summary status for the given line Enumerated types See above examples in fields mac MAC address Ex format 00 11 22 33 44 55 summary Command status summary OK ERR Example Interface configuration Set static IPv4 and netmask on interface eth1 Set static IPv6 on interface eth0 Set DHCP config force reconfiguration on interface eth1 Configure enable boot configuration of eth1 Line Ident...

Page 104: ... blocksize Only 512 1024 2048 and 4096 blocks are supported The default blocksize is 4096 ro Start iSCSI Targets as read only The IQN format takes the form iqn yyyy mm naming authority unique name where yyyy mm is the year and month when the naming authority was established naming authority is usually reverse syntax of the Internet domain name of the naming authority unique name is any name you wa...

Page 105: ...argets on the RMC in slot 0 Stop all the iSCSI targets on the RMC in slot 0 cw_dts istarget start s 0 istarget RMC_S0_P1_L0 iqn 2015 05 net cwnas iscsi rmc0p1 is_tgt_en 1 status OK RMC_S0_P2_L0 iqn 2015 05 net cwnas iscsi rmc0p2 is_tgt_en 1 status OK istarget OK cw_dts istarget stop s 0 istarget RMC_S0_P1_L0 iqn 2015 05 net cwnas iscsi rmc0p1 is_tgt_en 0 status OK RMC_S0_P2_L0 iqn 2015 05 net cwna...

Page 106: ... Duty cycle of 0 will prevent the LED from lighting l led str LED number A for all LEDS 0 1 2 3 4 5 6 7 Example Status display NOTE Line wrap above simulated for viewability Line Identifier LED LED status line Fields s s State of LED number d d Duty cycle setting of LED number status sts Summary status for the line Enumerated types See above examples in fields s State of LED Integer 0 for off 1 fo...

Page 107: ...sing more utility q to quit L Paged using less utility q to quit A All Unpaged full text dump F Follow output with tail f Ctrl C to quit export Export log files to an RMC selected by s archive Like export but package files in a tar gz file s Selects RMC used by export or archive Example View list of log files Enumerated types filename Name of a log file summary Command status summary OK ERR Exampl...

Page 108: ...is test Do not perform test on the interface used for the CLI CAUTION DATA LOSS Use of fsck option may destroy data on the disk fsck Run file system check on RMC in slot slotNum or on partition partnum on RMC slotNum All fsck options will unmount the RMC partition fsckro Read only version of fsck CAUTION DATA LOSS Use of fsckauto option may destroy data on the disk fsckauto Auto repair version of ...

Page 109: ... throughput timed during read verify phase only M Cumulative total throughput read write combined Ex2 Errors other than data errors Ex Data verification errors LgB ROUGH representation of the byte error rate exponent Example Disk file system check on RMC 0 Example Disk file system check on RMC 0 partition 1 cw_dts mbit fsckro s 0 go mbit e2fsck 1 42 9 28 Dec 2013 dev rmc0 clean 11 30531584 files 1...

Page 110: ...g for time from ntp server status Print server list and polling status Example Set current time and date via NTP Line Identifier SETDATE Reports date time configuration status Fields date date Reports system date time time Reports system time status sts Summary status for the given line Enumerated types str Text string date System date as month day year Ex Aug 2 2014 time 24 hour system time as Ho...

Page 111: ...mples in fields Example List ntp server entries Fields name host name of NTP server ip IP address of NTP server Example configuration status Line Identifier STATUS Configuration status Fields name Host name of NTP server ip IP address of NTP server sec Number of seconds to wait before polling NTP server Enumerated types See above examples in fields cw_dts ntpdate name str ntpdate STORE status sts ...

Page 112: ... password h help version password u userName p userPass Options h help Print help message version Print program version u user str Username of account admin user p pass str New password Example Password change Line Identifier PASS Password change status line Fields status sts Summary status for the line Enumerated types See above examples in fields sts Status message OK ERR str str Text string sum...

Page 113: ...e accompanied by ov if file already exists stop interface Stop PCAP recording on select interface if specified or all if not specified stat Get PCAP recorder status Default action when invoked with no parameters i interface Name of interface to capture data from ex eth0 eth1 etc ov Overwrite file if file exists filter filters TCP data filter Selects which packets will be dumped If no filter is giv...

Page 114: ...rsion Options h help Print help message version Print program version now Require option to avoid accidental reboot Example Rebooting the DTS Line Identifier REBOOT Reboot status line Fields status sts Summary status for the line Enumerated types See above examples in fields sts Status message OK ERR str str Text string summary Command status summary OK ERR cw_dts reboot now reboot REBOOT status s...

Page 115: ...e destructive nature of part All services iSCSI targets and PCAP recordings need to be inactive and the RMC partitions need to be unmounted to run this command W wipe Destructively clean the disk and any partitions force Necessary due to the destructive nature of wipe All services iSCSI targets and PCAP recordings need to be inactive and the RMC partitions need to be unmounted to run this command ...

Page 116: ...ock device detection status 0 Mapped device not detected 1 detected fmt Reports file system format status 0 not formatted ext4 formatted ext4 ntfs formatted ntfs mnt Reports file system mount status 0 not mounted 1 mounted ro mounted read only rem Reports removal request status 0 not requested RQ requested OK ready for removal Enumerated types summary Command status summary OK ERR Example Control ...

Page 117: ...n info on RMC in slot 0 Associate RMC slot 0 partition 1 with general NAS use Associate RMC slot 0 partition 1 with an iSCSI target available on all the Ethernet interfaces Associate RMC slot 0 partition 1 with an iSCSI target available only on Ethernet interface eth0 Name the mount point for RMC 0 partition 1 rmc_shares lancer Perform wipe operation on RMC in slot 0 rmcctl p 1 M rmcctl s 0 U rmcc...

Page 118: ...stem free sz Free capacity of file system used p Percentage of file system used status sts Summary status for the given line Enumerated types m Mount status 0 not mounted 1 mounted t File system type ext4 NA sz Disk space with unit indicators as powers of 1000 G Gigabytes M Megabytes K Kilobytes Examples 46G 180M Also NA for not available p Percentage used Integer from 0 to 100 or na sts Status me...

Page 119: ...le Information display RMC installed Enumerated types sts Status message OK ERR str str Text string summary Command status summary OK ERR Example Information display RMC not installed Example Set volume name Line Identifier RMC_I Reports status of request for RMC in slot Fields status sts Summary status for the given line Enumerated types cw_dts rmcinfo s 0 rmcinfo RMC_I0 Manufacturer Curtiss Wrig...

Page 120: ...User Guide DDOC0099 000 AH DTS1 CSfC 12 38 Command Line Interface 2020 Curtiss Wright Defense Solutions Revision 5 0 sts Status message OK ERR str str Text string summary Command status summary OK ERR ...

Page 121: ...sage version Print program version s slot Slot number of the target RMC 0 A all For all slots use A or all default N normal Issue ATA Security Erase Command E enhanced Issue ATA Security Enhanced Erase Command Example Enhanced erase of RMC Line Identifier RMC_P Reports status of purge request for RMC in slot Fields status sts Summary status for the given line Enumerated types sts Status message OK...

Page 122: ...f network interface to listen on P port str Interface port to listen on S sdp str String indicating the RTP Session Description Protocol filename t segtime num Time in seconds to record to the filename before creating a new file Each file will be appended with an integer indicating the index of the file start Start RTP recording into file Must be accompanied by ov if file already exists stop Stop ...

Page 123: ...5 0 Example Stop all video stream capture processes Example Status example cw_dts rtp stop rtp RTP action stop status OK rtp OK cw_dts rtp stat rtp RTP action stat instances 2 status OK RTP_1 ip fd01 1 port 1234 filename videoFile1 state started RTP_2 ip fd01 1 port 5004 filename videoFile2 state capturing rtp OK ...

Page 124: ...mmand displays DTS voltage and temperature sensor readings Syntax sens h help version sens S T V p PERIOD Options h help Print help message version Print program version p PERIOD Refresh display every PERIOD milliseconds Ctrl C to exit S View Advantech subset of sensors only T View Temperature subset of sensors only V View Voltage subset of sensors only ...

Page 125: ...et Service s snmp num SNMP Service Enumerated type num Selects server state 0 Disable 1 Enable 2 Use boot setting Example Status configuration display Line Identifier BOOTCFG Reports of service states to be applied at boot up LIVECFG Reports the current operation state of each service Fields cifs s Common Internet File System service state nfs s Network File System service state ftp s File Transfe...

Page 126: ...T Indicates boot configuration update performed Fields status sts Summary status for the line Example Start stop servers Line Identifier LIVESET Indicates change to operational state of server Fields serv s Indicator of which server is being started stopped status sts Status for action OK ERR str cw_dts serv boot cifs 1 nfs 0 serv BOOTSET status sts serv OK cw_dts serv cifs 1 nfs 0 ftp 1 serv LIVE...

Page 127: ...ions h help Print help message version Print program version now Require option to avoid accidental shutdown Example Rebooting the DTS Line Identifier SHUTDOWN Shutdown status line Fields status sts Summary status for the line Enumerated types See above examples in fields sts Status message OK ERR str str Text string summary Command status summary OK ERR cw_dts shutdown now shutdown SHUTDOWN statu...

Page 128: ... Reports the current date and time Fields date date Reports system date time time Reports system time status sts Summary status for the given line Enumerated types date System date as year month day Ex 2012 01 07 time 24 hour system time as Hour Minute Second Ex 23 05 06 sts Status message OK ERR str str Text string summary Command status summary OK ERR Example Set current time and date Line Ident...

Page 129: ...ss Wright Defense Solutions Revision 3 0 Specifications A 1 Envelope Mounting Dimensions A 1 1 RMC Module NOTE Dimensions are in inches and millimeters Figure A 1 RMC Module DDOC0099 0025 0 08 2 1 0 63 15 9 5 0 127 0 39 9 9 3 2 81 79 3 00 76 2 4 5 6 1 2 3 D E F A B C ...

Page 130: ...857 0 635 6 50 0 01 165 2 0 254 0 35 0 005 8 9 0 127 0 437 0 005 11 1 0 127 Alternate L Bracket Installation 0 447 0 005 11 354 0 127 0 507 0 005 12 878 0 127 0 975 0 01 24 778 0 254 0 507 0 005 12 878 0 127 0 50 0 005 12 7 0 127 0 50 0 005 12 7 0 127 0 665 0 005 16 891 0 127 1 042 0 005 26 467 0 127 5 00 0 005 127 0 0 127 5 70 0 01 144 8 0 254 1 50 0 005 38 1 0 127 Use 4 40 Flat Head Screw 8 32 T...

Page 131: ...S1 Dzus Mount DDOC0099 0024 0 19 0 005 4 8 0 127 0 56 0 005 14 2 0 127 0 835 0 005 21 209 0 127 5 75 0 005 146 0 0 127 1 875 0 005 47 63 0 127 8 32 Threads 6 50 0 01 165 2 0 254 0 507 0 005 12 878 0 127 0 447 0 005 11 354 0 127 1 042 0 005 26 467 0 127 2 50 0 005 63 5 0 127 5 00 0 005 127 0 0 127 0 975 0 01 24 778 0 254 7 986 0 025 202 857 0 635 3 96 0 005 100 584 0 127 0 50 0 005 12 7 0 127 ...

Page 132: ...bility Data Reliability 1 non recoverable error in 1014 bits read Data Retention 10 years SSD Endurance 100 00 writes Capacity 128 GB unformatted 117 GB formatted 256 GB unformatted 235 GB formatted 512 GB unformatted 470 GB formatted 1 TB Unformatted 931 GB formatted 2 TB Unformatted 1 862 TB formatted 4 TB Unformatted 3 725 TB formatted A 4 Mean Time Between Failures These Mean Time Between Fail...

Page 133: ... VS RMC256M 00 256GB Ground Benign Controlled 20 C 163 603 Ground Mobile 30 C 65 650 Naval Sheltered 20 C 70 797 Airborne Uninhabited Cargo 30 C 37 505 Airborne Uninhabited Fighter 30 C 31 662 Airborne Rotary Wing 30 C 25 742 VS RMC128S 00 128GB Ground Benign Controlled 20 C 168 953 Ground Mobile 30 C 67 361 Naval Sheltered 20 C 76 004 Airborne Uninhabited Cargo 30 C 40 441 Airborne Uninhabited Fi...

Page 134: ...issions Electric Fields 2 MHz to 18 GHz CS101 Conducted Susceptibility Power Leads 30 Hz to 150 kHz CS114 Conducted Susceptibility Bulk Cable Injection 10 kHz to 200 MHz Curve 5 CS115 Conducted Susceptibility Bulk Cable Injection Impulse Excitation CS116 Conducted Susceptibility Damped Sinusoid Transients Cables and Power Leads 10 kHz to 100 MHz RS101 Radiated Susceptibility Magnetic Fields 30 Hz ...

Page 135: ... PN 801 023 07M9 4PA Mating Connector PN 801 007 16M9 4SA Figure B 1 Power Connector J1 Figure B 2 Power Lab Cable Diagram Table B 1 Power Connector J1 Signals Connector Pin Signal Name Signal Type Direction Description Functions 1 28V DC Analog In Main 28VDC Power Input 2 28 VDC RTN Analog Out Main 28VDC Power RTN 3 Power Disable Analog In DTS1 power off control Short to 28VDC_RTN to turn off the...

Page 136: ...inimum of 5 seconds for the zeroization process to take affect 2 RST_IN_N Analog In Active low external reset input Short to GND to invoke DTS reset 3 GND Analog Signal return GND for ZEROIZE_N and RST_IN_N 4 GND Analog NC 5 NASP_RXD RS 232 In NAS Processor Serial Port Receive I F 6 GND Analog Signal return GND for NASP_RXD and NASP_TXD 7 BI_DA1 GbE In Out Gigabit Ethernet Bi directional pair A1 8...

Page 137: ...orPN 801 007 16M9 19SB Table B 4 Utility Lab Cable VS DTS1ETHCAB J2 Connector Description Mates With Signal Name P1 DTS1 J2 P2 TIA EIA 568B Modular Plug Gigabit Ethernet TIA EIA 568B Modular Jack J1 D sub DE 9 Female Socket RS 232 Pin 2 DTS1 transmit Pin 3 DTS1 receive Pin 5 GND J2 3 5mm Audio Jack Tip ZEROIZE Short to GND to ZEROIZE Crypto Keys This signal must be active for a minimum of 5 second...

Page 138: ... Analog NC 12 BI_DA2 GbE In Out Gigabit Ethernet Bi directional pair A2 13 BI_DD2 GbE In Out Gigabit Ethernet Bi directional pair D2 14 GND Analog NC 15 GND Analog NC 16 BI_DB2 GbE In Out Gigabit Ethernet Bi directional pair B2 17 BI_DC2 GbE In Out Gigabit Ethernet Bi directional pair C2 18 BI_DC2 GbE In Out Gigabit Ethernet Bi directional pair C2 19 BI_DB2 GbE In Out Gigabit Ethernet Bi direction...

Page 139: ...Wiring Diagram B 4 Ground Lug A ground cable is required but not provided The ground cable is installed on the DTS1 ground lug E1 The provided nut should be torqued to 18 in lb to ensure proper connection DDOC0099 0038 2 1 3 4 5 6 8 9 10 11 19 18 13 14 15 17 12 16 7 P2 6 5 4 3 2 1 12 11 10 9 8 7 13 19 18 17 16 15 14 C2 B2 A2 D2 ETHERNET P1 ...

Page 140: ...es html Table C 1 DTS1 CSfC Chassis Order Number Description VS DTS1SL F DTS1 Chassis Without RMC Module L Bracket Mount VS DTS1SL FD DTS1 Chassis Without RMC Module DZUS Panel Mount Table C 2 RMC Module Order Number Description VS RMC4096M 00 RMC 4 TB VS RMC2048M 00 RMC 2 TB VS RMC1024M 00 RMC 1 TB VS RMC500M 00 RMC 512 GB VS RMC256M 00 RMC 256 GB VS RMC128S 00 RMC 128 GB VS RMC0000 00 RMC empty ...

Search results

Summary of Contents for DTS1

Reviews:

Related manuals for DTS1

Brands by name

Popular brands

Curtiss-Wright DTS1, User Manual

Search results

Summary of Contents for DTS1

Reviews:

Related manuals for DTS1

Brands by name

Popular brands