Quipucords can identify the following cloud providers through a network scan; Amazon, Azure, and Google. The following instructions explain how to set up vms on each of the above clouds and run a scan with quipucords.
- Log in to your amazon account at https://aws.amazon.com/.
- At the top of the page, click on the Services drop down menu and select
EC2(underneath Compute). - In the left hand navigation bar, select
Instances, and then click on theLaunch Instancebutton. - Select the free tier eligible RHEL 8 AMI (leave the default 34-bit (x86)).
- The default should be the free tier eligible t2.micro - leave this and click the
Review and Launchbutton at the bottom of the page. - Click
Launch. - In the popup, select
Create a new key pairand give the key pair a name and clickDownload Key Pair. - Click
Launch Instances. - Find the downloaded .pem file on your local machine and change the permissions to
0400:
chmod 400 /path/my-key-pair.pem
- Now go back to the amazon console and click
View Instancesat the bottom of the page. - This menu will show you the IPv4 Public IP of your instance. Copy that.
- In the terminal check that you can ssh to your machine:
ssh -i ~/.ssh/cloud_provider_key_pair.pem ec2-user@IP
- Once you have successfully connected you can create a cred, source, and scan to use Quipucords to scan your instance:
qpc cred add --name aws --type network --username ec2-user --sshkeyfile /path/my-key-pair.pem
qpc source add --name aws --type network --cred aws --hosts IP
qpc scan add --name awsScan --sources aws
qpc scan start --name awsScan
- Log in to your Azure account here.
- On the home page, click on the
Virtual machinesoption. - Select
Addin the top left corner and then clickCreate VM from Azure MarketPlace. - Select the RHEL 7.6 machine image (you may have to search Red Hat Enterprise Linux in the search bar).
- Select
Start with a pre-set configuration. - Select
Dev/Test. - Leave the default of
General Purpose (D-Series). - Under Resource group click
create new, give the resource group a name and then select it. - Then give your virtual machine a name - for example
azure-trial-machine - Create a username such as
aaiken - In a terminal generate an ssh key pair using:
ssh-keygen -t rsa -b 2048
- Save the key pair to a known place and copy the contents of the public key and paste it into the SSH public key text box.
- Leave the port defaults.
- At the bottom click
Review + createand enter your email/phone number. - Click
createat the bottom - this might take a little while but when it is finished click View Resource - This page allows you to get your ip address, with which you should check your ssh connection:
ssh -i ~/.ssh/cloud_provider_key_pair your-username@IP
- Once you have successfully connected you can create a cred, source, and scan to use Quipucords to scan your instance:
qpc cred add --name azure --type network --username aaiken --sshkeyfile ~/path/to/private-key:
qpc source add --name azure --type network --cred azure --hosts IP
qpc scan add --name azureScan --sources azure
qpc scan start --name azureScan
- Follow this blog, except choose a RHEL marketplace image.
- If you have any trouble connecting or see the following error:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
- You can potentially solve this by creating a fake ssh directory with
700permissions and move the private key that you generated for your instance to this directory with600permissions (as expected). When you ssh to your instance, provide the path to this private key.
- Once you have successfully connected you can create a cred, source, and scan to use Quipucords to scan your instance:
qpc cred add --name google --type network --username yourUser --sshkeyfile ~/path/to/private-key
qpc source add --name google --type network --cred google --hosts IP
qpc scan add --name googleScan --sources google
qpc scan start --name googleScan