lunacm hsm Commands
This command, and all the lunacm hsm commands, appear only when the current slot selected in lunacm is for a local HSM, like an installed Luna PCI-E.
HSM commands do not appear in the lunacm command menu when lunacm is directed at a slot corresponding to a remote Luna SA - lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM.
For Luna SA, the HSM commands are available via the Luna appliance's Luna Shell (lunash:>), which can be accessed via ssh if you have the required authentication.
hsm clone - clones HSM SO objects
Syntax for "slot to slot backup" (to another token/HSM):
hsm clone -objects <handles> [-force] -password <password> -slot <slot number>
This command clones SO objects from the HSM into another HSM in the same computer.
The following options are available:
| Name | Short | Description |
|---|---|---|
| -objects | -o | Object handles to extract |
| -slot | -s | Target slot |
| -password | -p | Target slot password |
| -force | -fo | Force Action |
Note:
<objects> can take on any of the following values
-
a single object handle
-
zero, to indicate that all objects are to be extracted
-
a list of handles, separated by commas ie.
-objects
3,4,6
Note: "-password" is not used for PED-authenticated target HSMs.
lunacm:> hsm clone -objects 0 -slot 2
Command Result : No Error
lunacm:>