Main menu

Unable to log in: No Security Keys Defined

This article is all about the 'No security keys defined’ message, which in some circumstances could appear when trying to start or log in SysMan:

Quick fix:

  1. Start CMD with administrative privileges.
    (right click CMD and select 'Run as Administrator')
  2. On 64 bit machines run: CD /D "C:\Program Files (x86)\Sysgem"
    On 32 bit machines run: CD /D "C:\Program Files\Sysgem"
  3. Then run:
    "SEM User Interface\SEM Client" -K1=SysMan
  4. Also, if the “SysMan Authorization Server” folder exists then run:
    "SysMan Authorization Server\SEM AuthServer" -K1 SysMan
  5. And verify connection with SysMan.

Note:

Please note the difference between applying the 'Kn' parameter in step 3 and 4 (with and without the '=' sign).


More information:

Some questions which you might think of could be:

1. Security keys, what are they ?

Every SysMan Edition comes with at least 2 components; The SysMan User Interface (the interface that you’re working in) and the SysMan Authorization Server (a background service which provides all intelligence for the client to operate). Communication between these two components is encrypted using a security-key.
As such, the security key protects the system from unauthorized components and any possible attempts to gain fraudulent access to your SysMan environment.


2. Why do I get this message ?

As it’s quite regularly asked us, please note that this message has nothing to do with your license state.

This hashed security-key is bound to the current computers’ fingerprint. Therefore, a change in the computers’ fingerprint could result in the security-key hash becoming invalid. In such case, the Client User Interface can no longer communicate with the SysMan Authorization Server (it is no longer trusted) and an attempt to start SysMan will show a message “No security keys defined”, followed by the SysMan logon-window..

The most common reasons for this message originate from the following events:

SysMan was embedded in a system-image and this system image is restored onto another machine. This other machines’ fingerprint possibly differs from the original which might lead to the security keys being corrupted.

Your machine has switched on its primary ethernet adapter. Part of the security hash is based on the primary network communication path of the machine (or machines) involved. If the primary ethernet adapter is changed (this might be a result of switching from wireless, to wired or to and from VPN), then the security key exchange could fail.


3. What can I do about it ?

  • If your system has gone through a hardware change, for instance a restored image, or a replaced network card, then the easiest way to overcome this is to reinstall SysMan on top of the existing installation. A reinstall will preserve your data and settings, but will also reset the security-key. Alternatively run the quick fix described above on top of this article.

  • If this is concerns another mode of operation for this workstation (for instance: switching from wireless, to wired, or to and from VPN) then you probably want to add a security key pair for the computers’ fingerprint in the specific operational mode. To do so, run the quick fix described above in this article in every different mode of operation. For every different mode, raise the 'K' parameter with 1.

    For example, if you have a notebook, and occasionally switching between wired and wireless connection, then do the following:
    1. Start in one of these operation modes, for instance 'wireless' and run the above commands on parameter 'K1' ("SysMan Authorization Server\SEM AuthServer" -K1 SysMan, and "SEM User Interface\SEM Client" -K1=SysMan).
    2. Try logging on in SysMan.
    3. If successful, logoff again and switch to the other mode of operation (for instance 'wired').
    4. Run the above commands, having raised the 'K' parameter with 1 ("SysMan Authorization Server\SEM AuthServer" -K2 SysMan, and "SEM User Interface\SEM Client" -K2=SysMan) and logon in SysMan again.
    5. From that point, SysMan has security keys set up for every mode of operation and switching between these should therefore no longer require you to reapply the security key.
    Please note that the 'K' parameter can not be raised higher than '9'.

Note:

The above commands assume that the standard security-key (i.e. 'SysMan’) is used. If you have overwritten the standard security key with another, then please apply that key in the commands above.


4. I don’t need security keys. Can I switch this feature off ?

At least up to the current SysMan version (v3.x) the security keys are mandatory. The feature cannot be turned off.

Search

Can't Find an Answer?

If you can't find an answer to your question in our knowledge base, please feel free to contact our support team.

 

Downloads

Download a full featured evaluation kit from a list of available products.

Run the product under a trial license for 30 days before deciding to proceed. 

Knowledge Base

Find answers to common support questions in our Knowledge Base.

If you require support with an issue not listed here, or have any other enquiries, please contact us.

 

© Sysgem AG, all rights reserved.

Sysgem is a trademark of Sysgem AG. Other brands and products are registered trademarks of their respective holders.

Sysgem AG, Forsterstrasse 67, CH-8044 Zurich, Switzerland
+41 44 586 1060