You are here: Configuration Manual (Set up Luna Appliance after Installing) > [Step 1] Configuring Luna Appliance for your Network > First Login & Changing Passwords

First Login & Changing Password

Orientation summary

Following the instructions in the previous pages, you have already:

gathered the necessary network and security information
made a connection (preferably serial) between your administration computer and your HSM appliance.

This section describes the complete process of preparing your new HSM Server and one Client system for operation with your application.

First Time Login and Changing Passwords (below, on this page)
Verify and Set the Date and Time (next page)
Configure HSM appliance's IP and Network Parameters (using static or DHCP, etc. - In general, we strongly recommend against using DHCP for HSM appliances.)
Restart services, so that your configuration changes (previous step) can take effect
Make Your Network Connection

Login now

When you have connected to the HSM Server, the onboard secure Command Line Interface ( with the lunash:> prompt) is independent of the platform (Linux, Windows, Solaris, HP-UX or AIX) that you used to connect (however, we assume that most lab/server rooms have a Linux or Windows PC available)

At the prompt, login as “admin”. The initial password is “PASSWORD” (without the quotation marks).
login as: admin
admin@<hostname>’s password: PASSWORD
For security, you are immediately prompted to change the factory-default password for the ‘admin’ account.

Luna SA 5.1.0-24 [Build Time: 20111223 11:55]

Authorized Use Only

[localhost] ttyS0 login: admin
Password:
You are required to change your password immediately (root enforced)
Changing password for admin
(current) UNIX password:

You can now choose the new password.

A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from at least 3 of these 4 classes.
An upper case letter that begins the password and a digit that
ends it do not count towards the number of character classes used.

Enter new password:
Re-type new password:

Last login: Mon Jan 30 11:24:00 from 172.20.10.180

Luna SA 5.1.0-24 Command Line Shell - Copyright (c) 2001-2011 SafeNet, Inc. All rights reserved.

Command Result: 0 (Success)
[local_host] lunash:>

(The above represents a local serial connection; text will differ slightly for an SSH connection)
Record the new password on a worksheet.

The username and passwords are case-sensitive.

You must login within two minutes of opening an administration session, or the connection will time out.

Keep your passwords secure, as you would for any device.

If you forget your password, you can use a local serial connection to login to the Recover account. See "Forgotten Passwords".

To protect the HSM appliance and its HSM from vulnerabilities due to weak passwords, new passwords must be at least eight characters in length, and must include characters from at least three of the following four groups:

– lowercase alphabetic (abcd...xyz)
– uppercase alphabetic (ABCD...XYZ)
– numeric (0123456789)
– special (non-alphanumeric, -_!@#$%&*...)

After successful login, the HSM appliance presents the lunash prompt. Just type "?" or "help" and press [Enter] for a summary of the main commands. Type "?" followed by any of the commands, with or without parameters, and press [Enter] to see a summary of sub-commands and parameters for that command.

Example – lunash Command

[myluna1] lunash:>?

   The following top-level commands are available:

 Name                 (short)    Description
 --------------------------------------------------------------------------------
 help                 he         Get Help
 exit                 e          Exit Luna Shell
 client               c          > Client
 hsm                  hs         > Hsm
 htl                  ht         > Htl
 my                   m          > My
 network              ne         > Network
 ntls                 nt         > Ntls
 package              pac        > Package
 partition            par        > Partition
 service              se         > Service
 status               st         > Status
 sysconf              sysc       > Sysconf
 syslog               sysl       > Syslog
 token                t          > Token
 user                 u          > User


Keywords which must be used as the first argument on the command line.

Type "help" (without the double quotes) followed by a command name for further information.
  For example: type "help help" for help on the help command.
  Note that a question mark ("?") can be used as an alias for "help".

Command Result : 0 (Success)
[SA75] lunash:>

See:

Show the Table of Contents

Password defaults
Admin (appliance) default password	PASSWORD (via local serial link or via SSH)
Operator (appliance) default password	PASSWORD (via local serial link or via SSH)
Monitor (appliance) default password	PASSWORD (via local serial link or via SSH)
Recover account (appliance) default password	PASSWORD (accessed via local serial link only)