lunacm hsm Commands
This command, and all the lunacm hsm commands, appear only when the current slot selected in lunacm is for a local HSM, like an installed Luna PCI-E.
HSM commands do not appear in the lunacm command menu when lunacm is directed at a slot corresponding to a remote Luna SA - lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM.
For Luna SA, the HSM commands are available via the Luna appliance's Luna Shell (lunash:>), which can be accessed via ssh if you have the required authentication.
NAME
hsm login - Login HSM Security Officer
SYNOPSIS
lunacm:> hsm login -password <hsm_SO_password>
DESCRIPTION
Performs a login to the HSM as the SO.
OPTIONS
Command
(short)
Description
---------------------------------------------------------
-password -p
HSM
Admin Password
-password [mandatory]
The password to be used as login credential by the Security Officer (SO).
As shown, you can supply the password at the command line (useful for
scripting). Normally, however, you should leave out the password when
issuing the command. If the password is not provided, you are prompted
for it, and your response is obscured by asterisk (****) symbols. This
a more secure method of providing the password.
SAMPLE OUTPUT
lunacm:> hsm login -password SOpa55word!
Command Result : No Error
lunacm:>
The password in the example follows strong password guidelines, with mixed upper-and lowercase, the use of numeric characters and the use of a punctuation character. Again, in a "live" or production environment, you should not provide the password with the command, but wait to be prompted so that your password is not displayed on-screen and therefore is not vulnerable to unauthorized viewing.
lunacm:> hsm login
Option
-password was not supplied. It
is required.
Enter
the password: ***********
Command Result : No Error
lunacm:>