token backup show
Displays the token label and firmware version for the specified backup token.
CAUTION: Wait at least 20 seconds before you run the token backup
show command after performing a backup token backup
firmware update.
If you run the token backup
showcommand within 10 seconds or less following a successful completion
of token
backup update firmware, the token backup
show command will hang and the green LED on the token reader will
continue to flash. The work-around for the hanging state is to remove and re-insert
the backup token and then rerun the token backup
show command.
Note: WHEN to USE lunash "token backup" commands, or use "vtl backup" commands?
LunaSH token backup commands operate a SafeNet Backup HSM attached directly to SafeNet Network HSM via USB, and are not intended for use with remotely connected backup devices.
You might have a locally-connected backup HSM
[ connects directly to a SafeNet Network HSM via USB cable ] and a locally connected serial terminal and be walking them from SafeNet Network HSM to SafeNet Network HSM in your server room to perform backups. Or you might be administering remotely via SSH and lunash:> commands, while a technician in your server center carries the backup HSM from one SafeNet Network HSM to the next. In either case, these "token backup" commands are the method to use.The important distinction is where the backup HSM is physically connected - from the SafeNet Network HSM perspective, those are both local backup operations to a Backup HSM that is locally connected to the appliance.
VTL backup commands operate a SafeNet Backup HSM connected to a computer, and located distantly from your primary SafeNet Network HSM appliance. The VTL backup commands are not for use with a SafeNet Backup HSM that is connected directly to your SafeNet Network HSM appliance.
For true, hands-off, lights-out operation of your SafeNet appliances, use a SafeNet Remote Backup HSM located in your administrator's office [ or other convenient location ], connected to a computer acting as a Remote Backup server [ this could be your administrative workstation, or it could be a completely separate computer ]. This means the computer and Backup HSM are located near you and remote/distant from your SafeNet Network HSM appliance(s). For that application, use the backup commands in the VTL utility supplied with the SafeNet Network HSM Client software [ which must be installed on the computer that is acting as Remote Backup server ] - the appliance token backup commands (previous paragraph) are not designed to work for Remote Backup.
The HSM firmware needs approximately 2K bytes of memory to manage each partition and data objects in it. To avoid you having to calculate the exact memory space available for data storage -- with you deducting the memory used by internal data structures --the "partition list" command adjusts the memory size attributes for you. Thus, the total available memory reported by "partition list" will be different than that reported by "token backup show" and "token backup partition list."
Syntax
token backup show -serial <serialnum>
| -serial |
-s |
The serial number of thebackup HSM/token. |
Example
lunash:> token backup show -serial 667788
Token Details:
============
Token Label: samBK
Serial #: 667788
Firmware: 6.0.8
Hardware Model: SafeNet USB HSM
Authentication Method: PED keys
Token Admin login status: Logged In
Token Admin login attempts left: 3 before Token zeroization!
Partition Information:
======================
Partitions licensed on token: 20
Partitions created on token: 0
----------------------
There are no partitions.
Token Storage Information:
==========================
Maximum Token Storage Space (Bytes): 16252928
Space In Use (Bytes): 0
Free Space Left (Bytes): 16252928
License Information:
====================
621010355-000 621-010355-000 G5 Backup Device Base
621000005-001 621-000005-001 Backup Device Partitions 20
621000006-001 621-000006-001 Backup Device Storage 15.5 MB
621000007-001 621-000007-001 Backup Device Store MTK Split Externally
621000008-001 621-000008-001 Backup Device Remote Ped Enable
Command result : 0 (Success)