token backup init
Initializes the Backup HSM with the specified serial number and prepares it to receive backup data. Both the -label and -serial parameters are required at the command line. For password-authenticated Luna Backup HSMs, the domain and HSM SO password are prompted, and your input is obscured by asterisk (*) symbols. For PED-authenticated HSMs, any typed values for domain or password are ignored and you are prompted for Luna PED operations with PED keys.
An external Luna Backup HSM can be USB-connected to a Luna Network HSM appliance for local backup/restore operations.
Luna Network HSM does not pass PED operations and data through to an externally-connected Luna Backup HSM from a Luna PED connected locally to the Luna Network HSM.
If the Backup HSM is PED-authenticated, then the options for Luna PED connection are:
>local PED connection, directly to the Backup HSM, when needed, or
>Remote PED connection, passed through the Luna Network HSM (requires minimum Luna Network HSM appliance software 7.7.0, see Backing Up to an Appliance-Connected Luna Backup HSM (G7) )
NOTE Luna Backup HSM (G5) must use a local SCP PED connection to initialize the HSM.
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
token backup init -label <label> -serial <serialnum> [-domain <domain>] [-tokenadminpw <password>] [-force]
| Argument(s) | Shortcut | Description |
|---|---|---|
| -domain <domain> | -d | Backup partition domain (required for password-authenticated HSMs, ignored for PED authenticated - if you prefer to not type it in the clear, on the command line, it is prompted later). |
| -force | -f | Force the action without prompting. |
| -label <label> | -l | Backup partition label. |
| -serial <serialnum> | -s | Luna Backup HSM serial number. |
| -tokenadminpw <password> | -t | Backup HSM SO password (required for password-authenticated HSMs, ignored for PED-authenticated - if you prefer to not type it in the clear, on the command line, it is prompted later). |
Example
lunash:>token backup init -label sa7docbackup -serial 496771
Please enter a password for the Token Administrator:
> ********
Please re-enter password to confirm:
> ********
Please enter a cloning domain used when initializing this HSM:
> *********
Please re-enter cloning domain to confirm:
> *********
CAUTION: Are you sure you wish to initialize the backup
token named: sa7docbackup
Type 'proceed' to continue, or 'quit' to quit now.
> proceed
'token backup init' successful.
Command Result : 0 (Success)
