|
Home > |
|---|
Access the hsm-level commands.
Note: The lunacm hsm commands appear only when the current slot selected in lunacm is for a locally-installed HSM, such as a SafeNet PCI-E HSM. When lunacm is directed at a slot corresponding to a remote SafeNet Network HSM, the hsm-level commands do not appear, since lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM. To access HSM commands on the SafeNet Network HSM appliance, you must use the LunaSH.
hsm
changehsmpolicy
changepw
changesopolicy
clear
clone
contents
factoryreset
init
login
logout
migratepedkey
monitor
recoveryinit
recoverylogin
reset
restart
restoresim2
restoreuser
rollbackfw
setlegacydomain
showinfo
showmechanism
showpolicies
smkclone
updatefw
| Parameter | Shortcut | Description |
|---|---|---|
| changehsmpolicy | changehp | Change the HSM Policy value. See hsm changehsmpolicy. |
| changepw | changepw | Change the HSM SO password. See hsm changepw. |
| changesopolicy | changesp | Change the SO Policy value. See hsm changesopolicy. |
| clear | clr | Delete all of the SO's token objects. See hsm clear. |
| clone | clo | Clone SO objects. See hsm clone. |
| contents | con | Show the contents of the SO partition. See hsm contents. |
| factoryreset | f | Factory reset the HSM. See hsm factoryreset. |
| init | i | Initialize the HSM. See hsm init. |
| login | logi | Login to the HSM as SO. See hsm login. |
| logout | logo | Logout from the HSM as SO. See hsm logout. |
| migratepedkey | mig | Migrate a PED Key from a legacy HSM. See hsm migratepedkey. |
| monitor | mon | Get HSM utilization information. See hsm monitor. |
| recoveryinit | ri | High Availability Initialize HSM (not related to load balancing). See hsm recoveryinit. |
| recoverylogin | rl | High Availability Login (not related to load balancing) . See hsm recoverylogin. |
| reset | rese | Restart the HSM. See hsm reset. |
| restart | rs | Restart the HSM. See hsm restart. |
| restoresim2 | rsim2 | Restore SO objects (using SIM2). See hsm restoresim2. |
| restoreuser | ru | Restore a user. See hsm restoreuser. |
| rollbackfw | rb | Rollback the HSM firmware. See hsm rollbackfw. |
| setlegacydomain | sld | Set the legacy domain. See hsm setlagacydomain. |
| showinfo | si | Get HSM information. See hsm showinfo. |
| showmechanism | showm | Show all mechanisms. See hsm showmechanism. |
| showpolicies | sp | Get HSM policy information. See hsm showpolicies. |
| smkclone | smk |
Clone the SMK object. See hsm smkclone. |
| updatecap | uc | Update the HSM capabilities. See hsm updatecap. |
| updatefw | uf | Update the HSM firmware. See hsm updatefw. |
Note: If the current slot is an HSM administrative slot (SO) for an HSM with firmware older than version 6.22.0, then the list of available "hsm" commands appears as:
init
recoveryinit
recoverylogin
login
logout
showinfo
showpolicies
changeHSMPolicy
changeSOPolicy
changePw
contents
clear
updateFW
rollbackFW
updateCap
reset
factoryReset
restoreSIM2
restoreUser
clone
smkClone
setLegacyDomain
showmechanism
monitor
Note: If the current slot is an HSM administrative slot (SO) for an HSM with firmware version 6.22.0 or newer, then the list of available "hsm" commands appears as:
showinfo
factoryReset
zeroize
restart
init
showpolicies
changeHSMPolicy
updateCap
updateFW
rollbackfw
migratePedKey
showmechanism
monitor
Some options that were previously "hsm" commands have become "role" commands.