Maintenance Operations

As of EPAS version 1.0.27, several tasks related to maintenance operations have been implemented. The maintenance tasks are available to ease the EPAS backup and restore operations, the firmware update procedures, as well as several web service, network and storage specific actions. To access the aforementioned facilities, navigate to the System → Maintenance menu.

Maintenance Mode: Enable maintenance mode in order to use the backup and update features without manually changing scheduled operations, such as jobs. Audits and password hash retrieval are not possible when the system is in maintenance mode. Running jobs will be allowed to complete when maintenance mode is enabled. Possible actions: Enable maintenance mode and Disable maintenance mode.

Web service: Restart all HTTP(S) listener services on EPAS. Use this function after changing any web service settings. Affects all the web interfaces listening (management, public and enforcement services).

Network: Restart all networking services. Use this function after making any changes in the network configuration. Affects all the interfaces using the network stack (management, public and enforcement services).

Storage: Operations related to EPAS storage management and collected data management. Possible actions: Reclaim Free Disk Space, Erase Collected Texts and Erase Collected Passwords.

Site Keys: EPAS uses a set of authentication and encryption keys for the internal communications between the MASTER, WORKER, and AGENT units. More information is available in the section Site Keys. Possible actions: Activate site keys and Restore default keys.

API Keys: Regenerate and manage the key information used to sign and encrypt JWT (API Clients/OAuth2) tokens. Default tokens are randomly generated and unique. Possible actions: Regenerate keys.

Fast Mode: Enables the optimized kernel (GPU) for all algorithms that support it. Enabling fast mode accelerates password recovery by a large factor (from two to ten times) at the expense of ignoring special byte characters in passwords (such as emojis or non-ASCII characters). Possible actions: Disable Fast Mode and Enable Fast Mode.

LDAP Fingerprint Cache: Clears the LDAP external authenticator certificate fingerprint cache. Only used for legacy LDAP external authentication configurations, which do not make use the of the CA store. Possible actions: Clear cache.