Home >

LunaCM Command Reference Guide > LunaCM Commands > hsm > hsm login

hsm login

Login to the HSM as the security officer (SO).

Note:  The lunacm hsm commands appear only when the current slot selected in lunacm is for a locally-installed HSM, such as a SafeNet PCIe HSM or SafeNet USB HSM. When lunacm is directed at a slot corresponding to a remote SafeNet Network HSM, the HSM-level commands do not appear, since lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM. To access HSM commands on the SafeNet Network HSM appliance, you must use the Luna Shell (lunash).

Syntax

hsm login [-password <hsm_SO_password>] [-ped <ped Id>]

Parameter Shortcut Description
-password -pa Applies to Password-authenticated HSMs; ignored for PED-authenticated HSMs.
Specifies the HSM Admin password. The password to be used as login credential by the Security Officer (SO). As shown, you can supply the password at the command line (useful for scripting). Normally, however, you should leave out the password when issuing the command. If the password is not provided, you are prompted for it, and your response is obscured by asterisk (****) symbols. This a more secure method of providing the password.
-ped -pe Applies to PED-authenticated HSMs, only. This option is a temporary way to override PED ID settings or default.

The PED Id parameter is optional. (0=local,1...65535=remote)
If '0' is specified, the locally attached PED is used. If a value between 1 and 65535 is specified, the remote PED corresponding to that PED Id is used.

If nothing is specified, then the value stored in the library for this slot is used. Unless the value stored in the library has been changed by using the 'ped set' command, or the 'PEDId' parameter in the 'Luna' section of cryptoki.ini, the value in the library is '0'.

NOTE: The '-ped' option asserts for the duration of this login command, only. After the login completes, any PED ID that was set by the '-ped' option then reverts to whatever value was in effect before "hsm login -ped <PED Id>".

Example

HSM login using the -password option (not recommended)

lunacm:> hsm login -password SOpa55word!

Command Result : No Error

HSM login without the -password option

lunacm:> hsm login

Option -password was not supplied. It is required.

Enter the password: ***********

Command Result : No Error