Home >

LunaCM Command Reference Guide > LunaCM Commands > hsm

hsm

Access the hsm-level commands.

Note:  The lunacm hsm commands appear only when the current slot selected in lunacm is for a locally-installed HSM, such as a SafeNet PCIe HSM or SafeNet USB HSM. When lunacm is directed at a slot corresponding to a remote SafeNet Network HSM, the HSM-level commands do not appear, since lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM. To access HSM commands on the SafeNet Network HSM appliance, you must use the Luna Shell (lunash).

Syntax

hsm

changehsmpolicy
changepw
changesopolicy
clear
clone
contents
factoryreset
init
login
logout
migratepedkey
monitor
recoveryinit
recoverylogin
reset
restart
restoresim2
restoreuser
rollbackfw
setlegacydomain
showinfo
showmechanism
showpolicies
smkclone
updatefw

Parameter Shortcut Description
changehsmpolicy changehp Change the HSM Policy value. See hsm changehsmpolicy.
changepw changepw Change the HSM SO password. See hsm changepw.
changesopolicy changesp Change the SO Policy value. See hsm changesopolicy.
clear clr Delete all of the SO's token objects. See hsm clear.
clone clo Clone SO objects. See hsm clone.
contents con Show the contents of the SO partition. See hsm contents.
factoryreset f Factory reset the HSM. See hsm factoryreset.
init i Initialize the HSM. See hsm init.
login logi Login to the HSM as SO. See hsm login.
logout logo Logout from the HSM as SO. See hsm logout.
migratepedkey mig Migrate a PED Key from a legacy HSM. See hsm migratepedkey.
monitor mon Get HSM utilization information. See hsm monitor.
recoveryinit ri High Availability Initialize HSM (not related to load balancing). See hsm recoveryinit.
recoverylogin rl High Availability Login (not related to load balancing) . See hsm recoverylogin.
reset rese Restart the HSM. See hsm reset.
restart rs Restart the HSM. See hsm restart.
restoresim2 rsim2 Restore SO objects (using Scalable Key Storage2). See hsm restoresim2.
restoreuser ru Restore a user. See hsm restoreuser.
rollbackfw rb Rollback the HSM firmware. See hsm rollbackfw.
setlegacydomain sld Set the legacy domain. See hsm setlagacydomain.
showinfo si Get HSM information. See hsm showinfo.
showmechanism showm Show all mechanisms. See hsm showmechanism.
showpolicies sp Get HSM policy information. See hsm showpolicies.
smkclone smk

Clone the SMK object. See hsm smkclone.

updatecap uc Update the HSM capabilities. See hsm updatecap.
updatefw uf Update the HSM firmware. See hsm updatefw.

Note:  If the current slot is an HSM administrative slot (SO) for an HSM with firmware older than version 6.22.0, then the list of available "hsm" commands appears as:  
init  
recoveryinit  
recoverylogin  
login  
logout  
showinfo  
showpolicies  
changeHSMPolicy  
changeSOPolicy  
changePw  
contents  
clear  
updateFW  
rollbackFW  
updateCap  
reset  
factoryReset  
restoreSIM2  
restoreUser  
clone  
smkClone  
setLegacyDomain  
showmechanism  
monitor  

Note:  If the current slot is an HSM administrative slot (SO) for an HSM with firmware version 6.22.0 or newer, then the list of available "hsm" commands appears as:  
showinfo  
factoryReset  
zeroize  
restart  
init  
showpolicies  
changeHSMPolicy  
updateCap  
updateFW  
rollbackfw  
migratePedKey  
showmechanism  
monitor  

Some options that were previously "hsm" commands have become "role" commands.