LunaSH Command Summary
This section provides a summary of all of the LunaSH commands, and which users are able to access the commands.
The standard administrative users associated with the SafeNet appliance and HSM are as follows:
| Admin | Can to perform all possible commands (red, blue, or black in the table, below) |
| Operator | Can perform a subset of commands, including some that affect the state of the appliance or its HSM (blue or black in the table below) |
| Monitor | Can perform observational commands only, but cannot affect the state or contents of the appliance or its HSM (black-only in the table below) |
When you log into the appliance as one of the standard roles, you are able to see and use the subset of commands listed in the relevant column below. If you create additional named roles on the SafeNet appliance, they have the same command access as their equivalent standard-named role. You can also create custom user roles and specify the list of commands that user role is able to access (see Custom User Roles.
The following table lists, by category, the commands that each role can use:
| Admin | Operator | Monitor |
|---|---|---|
help |
||
|
help |
help |
help |
exit |
||
|
exit |
exit |
exit |
client |
||
|
client assignpartition client delete client fingerprint client hostip map client hostip show client hostip unmap client list client register client revokepartition client show |
client assignpartition client delete client fingerprint client hostip map client hostip show client hostip unmap client list client register client revokepartition client show |
client hostip show
client list
client show |
hsm |
||
|
hsm backup hsm changepolicy hsm changepw hsm checkcertificates hsm displaylicenses hsm factoryreset hsm firmware rollback hsm firmware show hsm firmware upgrade hsm generateDAK hsm information monitor hsm information reset hsm information show hsm init hsm loadcustomercert hsm login hsm logout
hsm ped connect hsm ped deselect hsm ped disconnect hsm ped select hsm ped show hsm ped server delete hsm ped server register hsm ped server list hsm ped set hsm ped timeout set hsm ped timeout show hsm ped vector erase hsm ped vector init
hsm restore hsm selftest hsm setlegacydomain hsm show hsm showpolicies
hsm stc activationtimeout set hsm stc activationtimeout show hsm stc cipher disable hsm stc cipher enable hsm stc cipher show hsm stc disable hsm stc enable hsm stc hmac disable hsm stc hmac enable hsm stc hmac show hsm stc identity create hsm stc identity delete hsm stc identity initialize hsm stc identity partition deregister hsm stc identity partition register hsm stc identity show hsm stc partition export hsm stc partition show hsm stc rekeythreshold set hsm stc rekeythreshold show hsm stc status
hsm stm recover hsm stm show hsm stm transport
hsm supportinfo hsm tamper clear hsm tamper show hsm update show hsm update capability hsm zeroize |
hsm backup
hsm checkcertificates hsm displaylicenses
hsm firmware rollback hsm firmware show hsm firmware upgrade hsm generateDAK hsm information monitor hsm information reset hsm information show
hsm loadcustomercert hsm login hsm logout
hsm ped connect hsm ped deselect hsm ped disconnect hsm ped select hsm ped show
hsm ped server list
hsm ped timeout set hsm ped timeout show
hsm restore hsm selftest
hsm show hsm showpolicies
hsm stc activationtimeout set hsm stc activationtimeout show hsm stc cipher disable hsm stc cipher enable hsm stc cipher show hsm stc disable hsm stc enable hsm stc hmac disable hsm stc hmac enable hsm stc hmac show hsm stc identity create hsm stc identity delete hsm stc identity initialize hsm stc identity partition deregister hsm stc identity partition register hsm stc identity show hsm stc partition export hsm stc partition show hsm stc rekeythreshold set hsm stc rekeythreshold show hsm stc status
hsm stm recover hsm stm show hsm stm transport
hsm supportinfo
hsm tamper show hsm update show hsm update capability
|
hsm checkcertificates hsm displaylicenses
hsm firmware show
hsm information monitor
hsm information show
hsm ped show
hsm ped server list
hsm ped timeout show
hsm selftest
hsm show hsm showpolicies
hsm stc status
hsm stm show
hsm supportinfo
hsm tamper show
|
my |
||
|
my file clear my file delete my file list my password expiry show my password set my public-key add my public-key clear my public-key delete my public-key list |
my file clear my file delete my file list my password expiry show my password set my public-key add my public-key clear my public-key delete my public-key list |
my file clear my file delete my file list my password expiry show my password set my public-key add my public-key clear my public-key delete my public-key list |
network |
||
|
network hostname
network dns add nameserver network dns add searchdomain network dns delete nameserver network dns delete searchdomain
network interface bonding config network interface bonding disable network interface bonding enable network interface bonding show network interface delete network interface dhcp network interface slaac network interface static
network ping
network route add network route clear network route delete network route show network route show
network show |
network hostname
network dns add nameserver network dns add searchdomain network dns delete nameserver network dns delete searchdomain
network interface bonding config network interface bonding disable network interface bonding enable network interface bonding show network interface delete network interface dhcp network interface slaac network interface static
network ping
network route add network route clear network route delete network route show network route show
network show |
network interface bonding show
network ping
network route show
network show |
ntls |
||
|
ntls bind
ntls certificate monitor enable ntls certificate monitor disable ntls certificate monitor show ntls certificate monitor trap trigger ntls certificate show
ntls information reset ntls information show
ntls ipcheck disable ntls ipcheck enable ntls ipcheck show
ntls show
ntls tcp_keepalive set ntls tcp_keepalive show
ntls threads set ntls threads show
ntls timer set ntls timer show |
ntls bind
ntls certificate monitor enable ntls certificate monitor disable ntls certificate monitor show ntls certificate monitor trap trigger ntls certificate show
ntls information reset ntls information show
ntls ipcheck disable ntls ipcheck enable ntls ipcheck show
ntls show
ntls tcp_keepalive set ntls tcp_keepalive show
ntls threads set ntls threads show
ntls timer set ntls timer show |
ntls certificate monitor show
ntls certificate show
ntls information show
ntls ipcheck show
ntls show
ntls tcp_keepalive show
ntls threads show
ntls timer show |
package |
||
|
package deletefile package erase package list package listfile package update package verify |
package deletefile package erase package list package listfile package update package verify |
package list package listfile
|
partition |
||
|
partition create partition backup partition delete partition list partition resize partition restore partition show |
partition create partition backup partition delete partition list partition resize partition restore partition show |
partition list
partition show |
service |
||
|
service list service restart service start service status service stop |
service list service restart service start service status service stop |
service list
service status
|
status |
||
|
status cpu status date status disk status handles status interface status mac status mem status memmap status netstat status ps status sensors status sysstat code status sysstat show status time status zone |
status cpu status date status disk status handles status interface status mac status mem status memmap status netstat status ps status sensors status sysstat code status sysstat show status time status zone |
status cpu status date status disk status handles status interface status mac status mem status memmap status netstat status ps status sensors status sysstat code status sysstat show status time status zone |
stc |
||
|
stc activationtimeout set stc activationtimeout show stc cipher enable stc cipher disable stc cipher show stc hmac enable stc hmac disable stc hmac show stc partition export stc partition show stc rekeythreshold set stc rekeythreshold show |
stc activationtimeout set stc activationtimeout show stc cipher enable stc cipher disable stc cipher show stc hmac enable stc hmac disable stc hmac show stc partition export stc partition show stc rekeythreshold set stc rekeythreshold show |
stc activationtimeout show
stc cipher show
stc hmac show
stc partition show
stc rekeythreshold show |
sysconf |
||
|
sysconf appliance hardreboot sysconf appliance poweroff sysconf appliance reboot sysconf appliance rebootonpanic disable sysconf appliance rebootonpanic enable sysconf appliance rebootonpanic show
sysconf banner add sysconf banner clear
sysconf config backup sysconf config clear sysconf config delete sysconf config export sysconf config factoryreset sysconf config import sysconf config list sysconf config restore sysconf config show
sysconf drift init sysconf drift reset sysconf drift set sysconf drift startmeasure sysconf drift status sysconf drift stopmeasure
sysconf fingerprint license sysconf fingerprint ntls sysconf fingerprint ssh
sysconf forcesologin enable sysconf forcesologin disable sysconf forcesologin show
sysconf license apply sysconf license list sysconf license revoke
sysconf ntp addserver sysconf ntp autokeyauth clear sysconf ntp autokeyauth generate sysconf ntp autokeyauth list sysconf ntp autokeyauth install sysconf ntp autokeyauth update sysconf ntp deleteserver sysconf ntp enable sysconf ntp disable sysconf ntp listservers sysconf ntp log tail sysconf ntp ntpdate sysconf ntp show sysconf ntp status sysconf ntp symmetricauth key add sysconf ntp symmetricauth key clear sysconf ntp symmetricauth key delete sysconf ntp symmetricauth key list sysconf ntp symmetricauth trustedkeys add sysconf ntp symmetricauth trustedkeys clear sysconf ntp symmetricauth trustedkeys delete sysconf ntp symmetricauth trustedkeys list
sysconf radius addserver sysconf radius deleteserver sysconf radius disable sysconf radius enable sysconf radius show
sysconf regencert
sysconf snmp enable sysconf snmp disable sysconf snmp notification add sysconf snmp notification clear sysconf snmp notification delete sysconf snmp notification list sysconf snmp show sysconf snmp trap clear sysconf snmp trap enable sysconf snmp trap disable sysconf snmp trap set sysconf snmp trap show sysconf snmp trap test sysconf snmp user add sysconf snmp user clear sysconf snmp user delete sysconf snmp user list
sysconf ssh device sysconf ssh ip sysconf ssh password disable sysconf ssh password enable sysconf ssh port sysconf ssh publickey disable sysconf ssh publickey enable sysconf ssh regenkeypair sysconf ssh show
sysconf time
sysconf timezone list sysconf timezone set sysconf timezone show |
sysconf appliance poweroff sysconf appliance reboot sysconf appliance rebootonpanic disable sysconf appliance rebootonpanic enable sysconf appliance rebootonpanic show
sysconf config list
sysconf config show
sysconf drift init sysconf drift reset sysconf drift set sysconf drift startmeasure sysconf drift status sysconf drift stopmeasure
sysconf fingerprint license sysconf fingerprint ntls sysconf fingerprint ssh
sysconf license list
sysconf ntp addserver sysconf ntp autokeyauth clear sysconf ntp autokeyauth generate sysconf ntp autokeyauth list sysconf ntp autokeyauth install sysconf ntp autokeyauth update sysconf ntp deleteserver sysconf ntp enable sysconf ntp disable sysconf ntp listservers sysconf ntp log tail sysconf ntp ntpdate sysconf ntp show sysconf ntp status sysconf ntp symmetricauth key add sysconf ntp symmetricauth key clear sysconf ntp symmetricauth key delete sysconf ntp symmetricauth key list sysconf ntp symmetricauth trustedkeys add sysconf ntp symmetricauth trustedkeys clear sysconf ntp symmetricauth trustedkeys delete sysconf ntp symmetricauth trustedkeys list
sysconf snmp enable sysconf snmp disable sysconf snmp notification add sysconf snmp notification clear sysconf snmp notification delete sysconf snmp notification list sysconf snmp show sysconf snmp trap clear sysconf snmp trap enable sysconf snmp trap disable sysconf snmp trap set sysconf snmp trap show sysconf snmp trap test sysconf snmp user add sysconf snmp user clear sysconf snmp user delete sysconf snmp user list
sysconf ssh device sysconf ssh ip sysconf ssh password disable sysconf ssh password enable
sysconf ssh publickey disable sysconf ssh publickey enable sysconf ssh regenkeypair sysconf ssh show
sysconf time
sysconf timezone list sysconf timezone set sysconf timezone show |
sysconf appliance rebootonpanic show
sysconf config list
sysconf config show
sysconf drift status
sysconf fingerprint license sysconf fingerprint ntls sysconf fingerprint ssh
sysconf license list
sysconf ntp listservers
sysconf ntp show sysconf ntp status
sysconf ntp symmetricauth key list
sysconf ntp symmetricauth trustedkeys list
sysconf snmp notification list sysconf snmp show
sysconf snmp trap show
sysconf snmp user list
sysconf ssh show
sysconf timezone list
sysconf timezone show |
syslog |
||
|
syslog cleanup syslog export syslog period syslog remotehost add syslog remotehost clear syslog remotehost delete syslog remotehost list syslog rotations syslog rotate syslog severity set syslog show syslog tail syslog tarlogs |
syslog export syslog period syslog remotehost add syslog remotehost clear syslog remotehost delete syslog remotehost list syslog rotations syslog rotate
syslog show syslog tail syslog tarlogs |
syslog show syslog tail syslog tarlogs |
token |
||
|
token backup factoryreset token backup init token backup list token backup login token backup logout token backup partition delete token backup partition list token backup partition show token backup show token backup update capability token backup update firmware token backup update show
token pki activate token pki changepin token pki clone token pki deploy token pki factoryreset token pki listall token pki listdeployed token pki predeploy token pki resetpin token pki undeploy token pki update capability token pki update firmware token pki update login token pki update logout token pki update show |
token backup factoryreset token backup init token backup list token backup login token backup logout token backup partition delete token backup partition list token backup partition show token backup show token backup update capability token backup update firmware token backup update show
token pki activate token pki changepin token pki clone token pki deploy token pki factoryreset token pki listall token pki listdeployed token pki predeploy token pki resetpin token pki undeploy token pki update capability token pki update firmware token pki update login token pki update logout token pki update show |
token backup list
token backup partition list token backup partition show token backup show
token backup update show
token pki listall token pki listdeployed
token pki update show |
User |
||
|
user add user delete user disable user enable user list user password user radiusadd user role add user role clear user role delete user role import user role list user role remove |
||
