|
Home > |
|---|
Access the hsm-level commands.
Note: The lunacm hsm commands appear only when the current slot selected in lunacm is for a locally-installed HSM, such as a Luna PCI-E. When lunacm is directed at a slot corresponding to a remote Luna SA, the hsm-level commands do not appear, since lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM. To access HSM commands on the Luna SA appliance, you must use the Luna Shell (lunash).
hsm
changehsmpolicy
changepw
changesopolicy
clear
clone
contents
factoryreset
init
login
logout
migratepedkey
monitor
recoveryinit
recoverylogin
reset
restart
restoresim2
restoreuser
rollbackfw
setlegacydomain
showinfo
showmechanism
showpolicies
smkclone
updatefw
| Parameter | Shortcut | Description |
|---|---|---|
| changehsmpolicy | changehp | Change the HSM Policy value. See "hsm changehsmpolicy". |
| changepw | changepw | Change the HSM SO password. See "hsm changepw". |
| changesopolicy | changesp | Change the SO Policy value. See "hsm changesopolicy". |
| clear | clr | Delete all of the SO's token objects. See "hsm clear". |
| clone | clo | Clone SO objects. See "hsm clone". |
| contents | con | Show the contents of the SO partition. See "hsm contents". |
| factoryreset | f | Factory reset the HSM. See "hsm factoryreset". |
| init | i | Initialize the HSM. See "hsm init". |
| login | logi | Login to the HSM as SO. See "hsm login". |
| logout | logo | Logout from the HSM as SO. See "hsm logout". |
| migratepedkey | mig | Migrate a PED Key from a legacy HSM. See "hsm migratepedkey". |
| monitor | mon | Get HSM utilization information. See "hsm monitor". |
| recoveryinit | ri | High Availability Initialize HSM (not related to load balancing). See "hsm recoveryinit". |
| recoverylogin | rl | High Availability Login (not related to load balancing) . See "hsm recoverylogin". |
| reset | rese | Restart the HSM. See "hsm reset". |
| restart | rs | Restart the HSM. See "hsm restart". |
| restoresim2 | rsim2 | Restore SO objects (using SIM2). See "hsm restoresim2". |
| restoreuser | ru | Restore a user. See "hsm restoreuser". |
| rollbackfw | rb | Rollback the HSM firmware. See "hsm rollbackfw". |
| setlegacydomain | sld | Set the legacy domain. See "hsm setlagacydomain". |
| showinfo | si | Get HSM information. See "hsm showinfo". |
| showmechanism | showm | Show all mechanisms. See "hsm showmechanism". |
| showpolicies | sp | Get HSM policy information. See "hsm showpolicies". |
| smkclone | smk |
Clone the SMK object. See "hsm smkclone". |
| updatecap | uc | Update the HSM capabilities. See "hsm updatecap". |
| updatefw | uf | Update the HSM firmware. See "hsm updatefw". |
Note: If the current slot is an HSM administrative slot (SO) for an HSM with firmware older than version 6.22.0, then the list of available "hsm" commands appears as:
init
recoveryinit
recoverylogin
login
logout
showinfo
showpolicies
changeHSMPolicy
changeSOPolicy
changePw
contents
clear
updateFW
rollbackFW
updateCap
reset
factoryReset
restoreSIM2
restoreUser
clone
smkClone
setLegacyDomain
showmechanism
monitor
Note: If the current slot is an HSM administrative slot (SO) for an HSM with firmware version 6.22.0 or newer, then the list of available "hsm" commands appears as:
showinfo
factoryReset
zeroize
restart
init
showpolicies
changeHSMPolicy
updateCap
updateFW
rollbackfw
migratePedKey
showmechanism
monitor
Some options that were previously "hsm" commands have become "role" commands.