Home > |
---|
Initialize a Remote PED vector. This command creates a new Remote PED Key by doing the following:
• initializing a Remote PED vector (RPV)
• imprinting the RPV onto the current HSM as well as onto an orange PED Key (RPK).
–The RPK is kept with the Remote PED, when you set up a Remote PED workstation. The RPK allows a SafeNet Network HSM with that RPV to connect to a Remote PED workstation where the attached PED provides the matching RPV, via the orange RPK. ]
–The RPV is a secret that facilitates the secure connection between a particular HSM that has that secret, and a Remote PED Server computer that has the RPK containing the identical secret. The HSM must be connected to a computer that runs Remote PED client, to manage the HSM's end of the Remote PED connection. More than one HSM can be imprinted with the same RPV, but a single Remote PED Server can connect with only one such remotely located HSM (via its client) at one time.
Note: You must be logged into the HSM as SO/HSM Admin (with the blue SO PED Key), before you can run this command.
Note: To set up or erase a PED vector, or to make or break the Remote PED connection, on an HSM that is externally connected to the SafeNet Network HSM, use the "-serial" option to specify the target HSM. If "-serial" is not specified, then the command acts on the SafeNet Network HSM's internal HSM card.
hsm ped vector init [-serial <serialnum>] [-force]
Parameter | Shortcut | Description |
---|---|---|
-force | -f | Force the action without prompting. |
-serial | -s | Specifies the serial number of the remote PED for which you want to erase the remote PED vector. |
lunash:>hsm ped vector init
If you are sure that you wish to initialize remote PED vector (RPV), then enter 'proceed', otherwise type 'quit'.
> proceed
Proceeding...
Luna PED operation required to initialize remote PED key vector - use orange PED key(s).
Ped Client Version 1.0.5 (10005)
Ped Client launched in shutdown mode.
PED client local IP : 192.20.9.77/192.168.255.223
Shutdown passed.
Command Result : 0 (Success)
[mylunasa] lunash:>