Home > |
Appliance Administration Guide > Configuration without One-step NTLS > [Step 2] Configure the Appliance for your Network > First Login and Changing Password
|
---|
Following the instructions in the previous pages, you have already:
•gathered the necessary network and security information
•made a connection (preferably serial) between your administration computer and your HSM appliance.
When you have connected to the HSM Server, the onboard secure Command Line Interface ( with the lunash:> prompt) is independent of the platform (Linux, BSD, Windows, Solaris, HP-UX or AIX) that you used to connect (however, we assume that most lab/server rooms have a Linux or Windows PC available)
Password defaults |
|
---|---|
Admin (appliance) default password |
PASSWORD (via local serial link or via SSH) |
Operator (appliance) default password | PASSWORD (via local serial link or via SSH) |
Monitor (appliance) default password | PASSWORD (via local serial link or via SSH) |
Recover account (appliance) default password | PASSWORD (accessed via local serial link only) |
1.At the prompt, log in as “admin”. The initial password is “PASSWORD” (without the quotation marks).
login as: admin admin@<hostname>’s password: PASSWORD
2.For security, you are immediately prompted to change the factory-default password for the ‘admin’ account.
SafeNet Network HSM 5.4.0-14 [Build Time: 20131223 11:55
]
Authorized Use Only
[localhost] ttyS0 login: admin
Password:
You are required to change your password immediately (root enforced)
Changing password for admin
(current) UNIX password:
You can now choose the new password.
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from at least 3 of these 4 classes.
An upper case letter that begins the password and a digit that
ends it do not count towards the number of character classes used
.
Enter new password:
Re-type new password:
Last login: Mon Jan 30 11:24:00 from 192.20.10.180
SafeNet Network HSM 5.4.0-14 Command Line Shell - Copyright (c) 2001-2013 SafeNet, Inc. All rights reserved.
Command Result: 0 (Success)
[local_host] lunash:>
(The above represents a local serial connection; text will differ slightly for an SSH connection)
Note: The username and passwords are case-sensitive.
Note: To protect the HSM appliance and its HSM from vulnerabilities due to weak
passwords, new passwords must be at least eight characters in length,
and must include characters from at least three of the following four
groups:
– lowercase alphabetic (abcd...xyz)
– uppercase alphabetic (ABCD...XYZ)
– numeric (0123456789)
– special (non-alphanumeric, -_!@#$%&*...)
Note: You must login within two minutes of opening an administration session, or the connection will time out.
3.Record the new password on a worksheet.
CAUTION: Keep your passwords secure, as you would for any device.
Note: If you forget your password, you can use a local serial connection to login to the Recover account. SeeForgotten Passwords / Lost Authentication.
After successful login, the HSM appliance presents the lunash prompt. Just type "?" or "help" and press [Enter] for a summary of the main commands. Type "?" followed by any of the commands, with or without parameters, and press [Enter] to see a summary of sub-commands and parameters for that command.
lunash:>?
The following top-level commands are available:
Name (short) Description
--------------------------------------------------------------------------------
help he Get Help
exit e Exit Luna Shell
client c > Client
hsm hs > Hsm
htl ht > Htl
my m > My
network ne > Network
ntls nt > Ntls
package pac > Package
partition par > Partition
service se > Service
status sta > Status
stc stc > Secure Trusted Channel
sysconf sysc > Sysconf
syslog sysl > Syslog
token t > Token
user u > User
Keywords which must be used as the first argument on the command line.
Type "help" (without the double quotes) followed by a command name for further information.
For example: type "help help" for help on the help command.
Note that a question mark ("?") can be used as an alias for "help".
Command Result : 0 (Success)