role init

Initializes (creates) the named role on the current partition / slot, if applicable.

Use lunacm:> role list to see which roles are available on the current partition/slot.

Syntax

role init -name <role> [-password <password>]

Argument(s) Shortcut Description
-name <role> -n

Name of role to be initialized. You can type the entire string, or use the shortcut shown in parentheses (not case-sensitive).

Valid roles:

Crypto Officer (CO). The PO initializes the CO.

Limited Crypto Officer (LCO). The CO initializes the LCO.

Crypto User (CU). The CO initializes the CU.

-password <password> -p

The initial password for role, valid for the initial login only.

In LunaCM, passwords and activation challenge secrets must be 8-255 characters in length (NOTE: If you are using firmware version 7.0.x, 7.3.3, or 7.4.2, activation challenge secrets must be 7-16 characters in length). The following characters are allowed:

abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 !@#$%^&*()-_=+[]{}\|/;:',.<>?`~

Double quotation marks (") are problematic and should not be used within passwords.

Spaces are allowed; to specify a password with spaces using the -password or -newpw option of a command, enclose the password in double quotation marks.

NOTE   The role must change the initial password using the command role changepw during the initial login session, or when they attempt a subsequent login.

Example

Initializing the Crypto Officer role

lunacm:>role init -name co

        Please attend to the PED.

Command Result : No Error