Home > |
---|
Login to the HSM as the security officer (SO).
Note: The lunacm hsm commands appear only when the current slot selected in lunacm is for a locally-installed HSM, such as a Luna PCI-E. When lunacm is directed at a slot corresponding to a remote Luna SA, the hsm-level commands do not appear, since lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM. To access HSM commands on the Luna SA appliance, you must use the Luna Shell (lunash).
hsm login [-password <hsm_SO_password>] [-ped <ped Id>]
Parameter | Shortcut | Description |
---|---|---|
-password | -pa | Applies to Password-authenticated HSMs; ignored for PED-authenticated HSMs. Specifies the HSM Admin password. The password to be used as login credential by the Security Officer (SO). As shown, you can supply the password at the command line (useful for scripting). Normally, however, you should leave out the password when issuing the command. If the password is not provided, you are prompted for it, and your response is obscured by asterisk (****) symbols. This a more secure method of providing the password. |
-ped | -pe | Applies to PED-authenticated HSMs, only. This option is a temporary way to override PED ID settings or default. The PED Id parameter is optional. (0=local,1...65535=remote) If '0' is specified, the locally attached PED is used. If a value between 1 and 65535 is specified, the remote PED corresponding to that PED Id is used. If nothing is specified, then the value stored in the library for this slot is used. Unless the value stored in the library has been changed by using the 'ped set' command, or the 'PEDId' parameter in the 'Luna' section of cryptoki.ini, the value in the library is '0'. NOTE: The '-ped' option asserts for the duration of this login command, only. After the login completes, any PED ID that was set by the '-ped' option then reverts to whatever value was in effect before "hsm login -ped <PED Id>". |
lunacm:> hsm login -password SOpa55word!
Command Result : No Error
lunacm:> hsm login
Option -password was not supplied. It is required.
Enter the password: ***********
Command Result : No Error