Logging In as HSM Security Officer

Before you can create an application partition or perform other administrative functions on the HSM, you must log in to the Luna PCIe HSM's Admin partition as HSM Security Officer (SO), or administrative commands will fail.

To log in as HSM SO

1.Launch LunaCM on the Luna PCIe HSM host workstation.

2.Set the active slot to the HSM Admin partition.

lunacm:> slot set -slot <slotnum>

3.Log in as HSM SO.

lunacm:> role login -name so

You are prompted for the HSM SO credential.

Failed HSM SO Login Attempts

If you fail three (3) consecutive HSM SO login attempts, application partitions are destroyed, the HSM is zeroized and all of its contents are rendered unrecoverable. The number is not adjustable. As soon as you authenticate successfully, the counter is reset to zero.

NOTE   The system must actually receive some erroneous/false information before it logs a failed attempt; if you merely forget to insert a PED key, or insert the wrong color key, that is not counted as a failed attempt. You must insert an incorrect PED key of the correct type to fail a login attempt.