Luna Administrative Shell: State and Status
The Luna administrator shell – aka LunaSH (Luna SA) and lush (Luna IS) – is a secure shell for administering the Luna Network HSM appliance.
Facility Keyword |
Software Process |
Log File |
---|---|---|
|
|
|
Expected Log Messages
The following log messages are normal and expected entries in the log files from various LunaSH commands.
Uptime
2012 Feb 29 12:05:01 myLuna syslog info lush: uptime before poweroff: 12:05:01 up 4 min, 1 user, load average: 0.08, 0.05, 0.01 2012 Feb 29 12:05:01 myLuna syslog info lush: uptime before reboot: 12:05:01 up 8 min, 1 user, load average: 0.09, 0.04, 0.01
These messages record how long the system had been up before an administrator restarted the Luna Network HSM appliance via lunash:>sysconf appliance poweroff or lunash:>sysconf appliance reboot.
Log Cleanup
2012 Feb 29 12:05:01 myLuna syslog info lush: Running the 'syslog cleanup' command, creating tarlogs then deleting all log files except hsm.log ... 2012 Feb 29 12:05:01 myLuna user notice lush: Running the 'syslog cleanup' command; created "logs_cleanup_20120229_0234.tgz" in the scp directory. 2012 Feb 29 12:05:01 myLuna user notice lush: The tar file containing logs is now available via scp as filename "logs_cleanup_20120229_0234.tgz". 2012 Feb 29 12:05:01 myLuna syslog info lush: Executed the 'syslog cleanup' command. Deleted all the log files except hsm.log. 2012 Feb 29 12:05:01 myLuna user notice lush: Executed the 'syslog cleanup' command. Created "logs_cleanup_20120229_0234.tgz" in the scp directory. 2012 Feb 29 12:05:01 myLuna user notice lush: The tar file containing logs is now available via scp as filename "logs_cleanup_20120229_0234.tgz".
These messages record that an administrator initiated a log compression and archival operation via syslog cleanup. The first three messages log initiation of the action and the last three messages log completion in the new messages file.
Change SSH Port
2012 Feb 29 12:05:01 myLuna user notice Lush: Changing the SSHD listen port number from 22 to 23.
This message records that an administrator changed the SSH listening port via sysconf ssh port.
Disabled Watchdog Timer
2012 Feb 29 12:05:01 myLuna user info wdt_heartbeat*: Disabled the WDT heartbeat program.
This message records that an administrator disabled the hardware watchdog timer via lunash:>sysconf appliance watchdog disable.
* Note that lush executes a utility to disable the watchdog timer. This utility creates the log entry under its process name.
Unexpected Log Messages
Under normal circumstances, you should not see any of these log messages. If you do, please contact Thales Technical Support to report the message and seek guidance on what to do next.
Failed to Create Log Archive
2012 Feb 29 12:05:01 myLuna syslog info lush: Failed to create logs_cleanup_20120229_0234.tgz: -1.
This message indicates that the syslog cleanup command failed to create the backup file: the tar utility returned an error, the last number in the log message.
Invalid Signature Mechanism
2012 Feb 29 12:05:01 myLuna user notice lush: ERROR - The current client certificate specifies md5WithRSAEncryption as the signature mechanism. This certificate is no longer useable and must be replaced in order to register the client. Please regenerate the client certificate.
This message indicates that the signature of the client certificate found while executing the client register command uses an insecure mechanism.