Initializing the Remote PED Vector (RPV) and Creating the Orange PED Key

The Remote PED (via PEDserver) authenticates itself to the SafeNet Luna PCIe HSM with a randomly-generated encrypted value stored on an orange PED key. The orange key proves to the HSM that the Remote PED is authorized to perform authentication. A SafeNet Luna PCIe HSM administrator can create this key.

NOTE   Generally, the HSM SO creates an orange PED key (and backups), makes a copy for each valid Remote PED server, and distributes them to the Remote PED administrators.

If the HSM is already initialized, the HSM SO must log in to complete this procedure. You require:

>SafeNet Luna PED with firmware 2.7.1 or newer

>USB mini-B to USB-A connector cable

>Luna PED DC power supply (if included with your Luna PED)

>Blank or reusable orange PED key (or multiple keys, if you plan to make extra copies or use an M of N security scheme). See Creating PED Keys for more information.

To initialize the RPV and create the orange PED key locally

1.If you have not already done so, set up a Local PED connection (see Local PED Setup).

2.Launch LunaCM on the SafeNet Luna PCIe HSM host workstation.

3.If the HSM is initialized, login as HSM SO (role login). If not, skip to the next step.

lunacm:>role login -n so

4.Ensure that you have the orange PED key(s) ready. Initialize the RPV (ped vector).

lunacm:> ped vector init

lunacm:>ped vector init
        You are about to initialize the Remote PED Vector
        Are you sure you wish to continue?
 
        Type 'proceed' to continue, or 'quit' to quit now ->proceed
 
        RPV was successfully initialized.
 
Command Result : No Error

5.Attend to the Luna PED and respond to the on-screen prompts. See Creating PED Keys for a full description of the key-creation process.

If you have an orange PED key with an existing RPV that you wish to use for this HSM, press Yes.

If you are creating a new RPV, press No.

Continue following the prompts for PED PIN, M of N, and duplication options.

To continue setting up a Remote PED server, see Installing PEDserver and Setting Up the Remote Luna PED.


Customer Support Portal

SafeNet Luna PCIe HSM 7.3 Product Documentation  13 December 2019  Copyright 2001-2019 Thales. All rights reserved.