Home >

Administration Guide > HSM Initialization > HSM Initialization and Zeroization

HSM Initialization and Zeroization

Ideally, the hsm init command is used once, when you first configure your Luna HSM for use with your application, then you place the unit in service and never initialize it again. However, unanticipated situations or requirements can arise that might cause you to initialize the HSM. A simple example is that you might perform trial setups in a laboratory environment before placing your Luna system into a "live" or "production" environment.

For further detail and for explanations of the concepts "hard" init and "soft" init, see "Initialization Overview for PED-authenticated HSMs" and "Initialization Overview for Password-Authenticated HSMs".

Additional Notes

The Luna shell command 'hsm factoryReset' puts the HSM in a zeroized state. (See "What Does Zeroized Mean?".) To completely start over for configuration of the HSM, use hsm factoryReset, then hsm init.

It is not necessary to perform hsm login before hsm factoryReset. This is not considered a security issue because the command is accepted only via the local serial console. It is assumed that you provide sufficient physical security for your HSM appliance(s). An attacker who could interrupt or deny your use of the HSM by gaining access to your premises to make a serial connection and issue destructive commands could as easily steal or physically destroy the HSM while in your server room.

If you are taking a Luna SA out of service, to go into storage, or to be shipped to another location (or back to SafeNet), then after you perform hsm factoryReset, perform hsm init to overwrite any labels or settings that you previously made.

View a table that compares and contrasts various "deny access" events or actions that are sometimes confused.  "Comparison of Destruction/Denial Actions"