Cirium provides three secure options for customers to receive their temporary passwords.
Option One - Secure E-mail
The Secure E-mail method allows Cirium to send an email to a customer that contains only a link to the information in the email. This means that at no point will the password will pass through the normal e-mail systems instead the contents of the e-mail is held securely on Cirium Servers until it is retrieved by the user. These links are available only once per e-mail reducing the risk of interception.
-
You will receive a secure e-mail that contains a link to read the message.
-
Clicking the link to read the message will trigger a second e-mail with a one-time passcode.
-
Entering the one time passcode will allow you to read the message containing your credentials.
Option Two - PGP
This the most secure option but requires users to have knowledge about public and private keys.
To share passwords securely, passwords are encrypted using a public key provided by the intended recipient.
This ensures that even if a password is intercepted in transit that the password cannot be decrypted.
To share a public key the user will require a tool that can generate the public key using PGP protocol. This might require admin permissions on your machine.
To generate a public key you will need a tool that implements PGP. The examples shown are the GPG (GnuPG) tool. The following command generates a public-private key pair for the user “Joe Bloggs” (please replace with your own information).
gpg --gen-key
Real name: Joe Bloggs
Email address: joe.bloggs@company.com
You selected this USER-ID:
"Joe Bloggs <joe.bloggs@company.com>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
You will be prompted to provide a passphrase to protect your new key.
This will have generated a public and private key pair.
For now these keys are in your private keystore.
To extract your public key use the following command replacing “Joe Bloggs” with your name.
gpg --export -a "Joe Bloggs" > public.key
This will export the public key to the file public.key in the current directory.
This is the key that must be sent to Cirium so that we can encrypt your password, this can be sent via the support e-mail (support-ciriumsky@cirium.com), your public key can only be used to encrypt secrets not decrypt them.
Your private key remains on your system in your private keystore. This will be required to decrypt the password when it is sent back to you.
Once Cirium has created your password you will receive an email with an encrypted file.
To decrypt this file copy the file into a directory and run the command.
gpg -d encrypted_password.txt.gpg
Where the filename is encrypted_password.txt.gpg this will create a new file encrypted_password.txt containing your password to access Cirium Sky. You will be prompted for your passphrase to unlock your private key.
If there are any concerns with the process please contact support via the Help Desk or via email and we will be happy to arrange a call to walkthrough the process.
Useful Links
Option Three - Microsoft Teams Call
The third option is to arrange a Microsoft Teams call with our engineers who will create your user while you are on the call and you can receive the temporary password either verbally or in a direct MS Teams message which is deleted immediately after the user confirms they have received it.
This option can also double as an onboarding session where our engineers can walk you through any problems that might occur while connecting to Cirium Sky.
If you have any feedback or ideas about Cirium Sky for Airline Ops then we would love to hear from you via our Feedback Form.
Comments
0 comments
Article is closed for comments.