hsm restore

Restore the contents of the HSM from a backup token.

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

Syntax

hsm restore -serial <serialnum> [-password <password>] [-tokenadminpw <password>] [-force]

Argument(s) Shortcut Description
-force -f Force the action without prompting.
-password <password> -p Specifies the HSM Admin Password. Passwords are needed only for password-authenticated HSMs, and are not required at the command line. If a password is needed, you are prompted for it, and your response is hidden by asterisk characters (*).
-serial <serialnum> -s Specifies the Token Serial Number. The serial number of the backup token is required.
-tokenadminpw <password> -t Specifies the Token Admin Password. Passwords are needed only for password-authenticated HSMs, and are not required at the command line. If a password is needed, you are prompted for it, and your response is hidden by asterisk characters (*).

Example

lunash:>token backup list
 
Token Details:
============
Token Label:                            SA78_SIM-21/12/2011  
Slot:             1  
Serial #:         300555  
Firmware:         4.8.6  
Hardware Model:    Luna PCM G4
Command Result : 0 (Success)
  
lunash:>hsm restore -serial 300555
 
CAUTION:  This process will erase the current masking key on  
       this HSM and replace it with the one on the backup  
       token. Any keys masked off any partition on the  
       HSM with the existing masking key will be irretrievable.  
       Type 'proceed' to replace the masking key, or 'quit'  
       to quit now.  
       > proceed
Luna PED operation required to login as HSM Administrator - use Security Officer (blue) PED key.
Warning:  You will need to connect Luna PED to the SafeNet Luna Backup HSM to complete this operation.
       You may use the same Luna PED that you used for SafeNet Luna Network HSM.
       Please type 'proceed' and hit <enter> when you are ready to proceed>  proceed
Luna PED operation required to login to token - use token Security Officer (blue) PED key.
Masking key successfully cloned.  
'hsm restore' successful.
Command Result : 0 (Success)