Part 1 - Setup TRASA server and root account

In this first part, we will cover installation and setup of TRASA server.

Before Installation

  1. Linux server

    We've created 1 core 2 GB ram 20 GB storage Ubuntu server. We will call this server Nepsec TRASA server. Once this server is ready, install and setup Openssh server and Docker in this server.

  2. Domain name

    We've setup DNS with A record nepsec.trasa.io which points to our server. Setup a domain in your control.

Install

note

We are using docker install for demonstration. For other installation options, refer to Install Guides

SSH to Linux instance (TRASA server) you created in previous step.

# Run Postgresql database
sudo docker run -d -p 5432:5432 --name db -e POSTGRES_PASSWORD=trasauser -e POSTGRES_USER=trasauser -e POSTGRES_DB=trasadb postgres
# Run Redis
sudo docker run -d -p 6379:6379 --name redis redis
# Run Guacd Server
sudo docker run -d --rm --name guacd -p 127.0.0.1:4822:4822 -v /tmp/trasa/accessproxy/guac:/tmp/trasa/accessproxy/guac --user root seknox/guacd:v0.0.1
# Run TRASA server
sudo docker run --link db:db \
--link guacd:guacd \
--link redis:redis \
-p 443:443 \
-p 80:80 \
-p 8022:8022 \
-e TRASA.LISTENADDR=TRASA.NEPSEC.IO \ # <- Replace it with your preferred trasa domain name.
-v /tmp/trasa/accessproxy/guac:/tmp/trasa/accessproxy/guac \
seknox/trasa:v1.1.4



Setup Root Account

TRASA server should be ready from previous step. Enter TRASA_HOST in your browser.

In our case, we setup domain nepsec.trasa.io so we enter this address in browser.

dashboard login

When TRASA is installed, default system account root is created for you with default password changeme. Enter username and password (root account) in login box.

important

TRASA requires two factor authentication by default and TRASA mobile app is default supported authenticator. Since this is your first login, you need to enrol device first:

Get TRASA authenticator from Play Store or App Store.

Enrol Mobile Device

Since this is your first time logging into TRASA, you have not yet added your 2FA device yet. QR code will appear on screen.

qr-code

Enrol Steps:

enrol device
  1. Press the + button (buttom right).
  2. Press QR image icon button. This will open in-app camera.
  3. Scan the QR image from TRASA dashbaord
  4. If everything goes well, you will see the following icon on your app
enrol device
  • Press the icon to get TOTP codes

Login with root account

Press login button in dashboard page (where QR code is shown), you will be redirected to Login page again.

  1. Enter root account credentials

  2. Once the credentials are validated, you will see second-step verification page

    enrol device
  3. From your TRASA mobile app, note totp code and enter in dashboard to proceed login.

    enrol device
  4. Server will validate your totp code and will redirected to dashboard overview page.

    dashbaord overview

Enrol workstation

note

Only Firefox browser supported at this time. Supported OS includes windows 10, mac and ubuntu linux.

Install TRASA browser extension

Get your firefox extension. When installing the addon, make sure you allow it on private browsing window as well.

Install TRASA workstation agent

Get agent installer for Workstation agent. Install it in your workstation once downloaded.

caution

Always download agents and installer for TRASA from links provided in trasa.io website (this website) only.

Register your device




tip

You can always view your enroled and active device in your account page device tab.

my devices

Next - Create User Accounts