token backup factoryreset

Reset a Luna Backup HSM to factory default settings (destroys the KEK or permanently denies access to existing objects, erasesor authentication, so you need to initialize before using again). Can be run only from the local serial console.

The action is equivalent to the hsm factoryReset command that acts on the appliance's built-in HSM.

View a table that compares and contrasts various "deny access" events or actions that are sometimes confused: Comparison of Destruction/Denial Actions

An external Luna Backup HSM can be USB-connected to a Luna Network HSM appliance for local backup/restore operations.

Luna Network HSM does not pass PED operations and data through to an externally-connected Luna Backup HSM from a Luna PED connected locally to the Luna Network HSM.

If the Backup HSM is PED-authenticated, then the options for Luna PED connection are:

>local PED connection, directly to the Backup HSM, when needed, or

>Remote PED connection, passed through the Luna Network HSM (requires minimum Luna Network HSM appliance software 7.7.0, see Backing Up to an Appliance-Connected Luna Backup HSM (G7) )

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

Syntax

token backup factoryreset -serial <serialnum> [-force]

Argument(s)	Shortcut	Description
-serial <serialnum>	-s	Specifies the Backup HSM serial number.
-force	-f	Force the action without prompting.

Example

lunash:>token backup factoryreset -serial 496771

CAUTION:  Are you sure you wish to reset this backup token to
          factory default settings? All data will be erased.

          Type 'proceed' to return the token to factory default, or
          'quit' to quit now.
          > proceed

'token backup factoryReset' successful.


Command Result : 0 (Success)