lunacm hsm Commands
This command, and all the lunacm hsm commands, appear only when the current slot selected in lunacm is for a local HSM, like an installed Luna PCI-E.
HSM commands do not appear in the lunacm command menu when lunacm is directed at a slot corresponding to a remote Luna SA - lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM.
For Luna SA, the HSM commands are available via the Luna appliance's Luna Shell (lunash:>), which can be accessed via ssh if you have the required authentication.
NAME
hsm init - Initialize the HSM
SYNOPSIS
lunacm:> hsm init -label <hsmlabel> -password <hsmsopassword> [-force]
DESCRIPTION
The hsm init command initializes the HSM. Initializing the HSM erases all existing data on the key card, including any HSM Partition and its data. HSM Partition then must be recreated with the partition create command.
Because this is a destructive command, the user is asked to “proceed” unless the -force switch is provided at the command line.
OPTIONS
| Options | Short | Description |
|---|---|---|
| -label | -l | HSM Label |
| -initwithped | -iped | Initialize a Backup Device with PED-Auth. This option is supported only when initializing a Backup Device that is in a zeroized state. |
| -initwithpwd | -ipwd | Initialize a Backup Device with PWD-Auth. This option is supported only when initializing a Backup Device that is in a zeroized state. |
| -auth | -a | Log in after the initialization |
| -force | -f | Force the action - no prompts |
SAMPLE OUTPUT
"Soft" init (no factory reset)
lunacm:> hsm init -label myLuna
You
are about to initialize the HSM that is NOT in the
factory reset (zeroized) state.
All objects will be destroyed.
The User will be destroyed.
You are required to provide the current SO PED key.
The domain will NOT be destroyed.
Are you sure you wish to continue?
Type 'proceed' to continue, or 'quit' to quit now -> proceed
Command Result : No Error
lunacm:>
"Hard" init (with factory reset first)
lunacm:> hsm factoryReset
You are about to factory reset the HSM.
All contents of the HSM will be destroyed.
The user will be destroyed.
The SO will be destroyed.
The domain will be destroyed.
Are you sure you wish to continue?
Type
'proceed' to continue, or 'quit' to quit now -> proceed
Resetting HSM
Command Result : No Error
lunacm:>
lunacm:> hsm init -label myLuna
You
are about to initialize the HSM that is in the
factory reset (zeroized) state.
All objects will be destroyed.
The User will be destroyed.
You are required to provide the current SO PED key.
The domain will NOT be destroyed.
Are you sure you wish to continue?
Type 'proceed' to continue, or 'quit' to quit now -> proceed
Command Result : No Error
lunacm:>