sysconf config factoryReset
Reset the appliance to the settings created at the factory. You can specify any individual service's configuration, or just reset all of them to the initial factory settings with the '-all' option. This reset is for the configurations of the indicated services and does not affect the HSM.
This command affects appliance settings external to the HSM. To reset the HSM, use hsm factoryReset (which can be run from a local serial console only).
This command factory resets the configuration file and removes all certificates from the trust store.
We recommend disconnecting all NTLS connections before performing factory reset.
NOTE After factory reset of network services, it is normal for NTLS service to be still running. However, the CTC service stops (if it was running). Since none of the devices has a gateway, after reconfiguring of eth0, CTC is still inactive. Run sysconf ctc enable to resume CTC operation.
Files are not affected
The log files, and the content of users' home directories are not affected by this command.
>To clear log files you can use the syslog cleanup command. If you need to keep the logs, you should use the syslog tarlogs command, then scp the logs file to another computer before clearing the log files.
>To clear the content of the user’s home directory, use the my file clear command.
SO login required if "Force SO login" policy is set
If the Force SO login policy is set for the HSM (see command sysconf forceSOLogin show), then you must log in as SO before resetting
>the 'ntls' service,
>the ctc service,
>the ntp service,
>or 'all' services (which would include the previous three).
If the HSM is zeroized, then hsm login is not needed, even if ForceSOlogin is enabled.
ForceSOlogin is disabled following a successful hsm login if 'ntls' or 'all' services are reset.
What to do
To preserve desired settings and capabilities, we recommend that you perform sysconf config backup on your system whenever you upgrade or update or reconfigure, so as to have a backup with all desired configurations in place, and then use sysconf config restore if needed, reserving sysconf config factoryReset for only those occasions when you want the appliance set all the way back to original factory specification.
>Use this command along with the hsm factoryReset command, if you want internal HSM settings returned to factory default values.
>Use this command from a locally-connected serial terminal (or console server). This command resets network settings to use DHCP; as a result the network interfaces might be assigned new IP addresses. You can get the new IP addresses on the LCD or from a serial port connection.
>Disconnect all NTLS connections before factory reset.
User Privileges
Users with the following privileges can perform this command:
>Admin
Syntax
sysconf config factoryReset -service <service> [-force]
Argument(s) | Shortcut | Description |
---|---|---|
-force | -f | Force the action without prompting. |
-service <service> | -s |
Specifies the service name. Valid values: network,ssh,ntls,syslog,ntp,snmp,users,system,webserver,all |
Example with no active client connections
lunash:>sysconf config factoryReset -service all Checking for connected clients There are no active clients at this time. This command resets the configuration of the selected service(s) to factory defaults. Resetting services to factory defaults can affect connectivity and the operation of the HSM. If you are sure that you wish to proceed, then type 'proceed', otherwise type 'quit'. > proceed Proceeding... Resetting service(s) to factory defaults: ----------------------------------------- webserver : succeeded users : succeeded snmp : succeeded ntp : succeeded ntls : succeeded system : succeeded ssh : succeeded syslog : succeeded network : succeeded Command Result : 0 (Success)
Example with no active client connections and force option used
lunash:>sysconf config factoryReset -service all -force Checking for connected clients There are no active clients at this time. Force option used. Proceed prompt bypassed. Resetting service(s) to factory defaults: ----------------------------------------- webserver : succeeded users : succeeded snmp : succeeded ntp : succeeded ntls : succeeded system : succeeded ssh : succeeded syslog : succeeded network : succeeded Command Result : 0 (Success)
Example with active client connections
lunash:>sysconf config factoryReset -service all Checking for connected clients WARNING !! There are 1 client(s) connected to this Luna Network HSM appliance. It is recommended that you disconnect all clients before using this command. This command resets the configuration of the selected service(s) to factory defaults. Resetting services to factory defaults can affect connectivity and the operation of the HSM. If you are sure that you wish to proceed, then type 'proceed', otherwise type 'quit'. > proceed Proceeding... Resetting service(s) to factory defaults: ----------------------------------------- webserver : succeeded users : succeeded snmp : succeeded ntp : succeeded ntls : succeeded system : succeeded ssh : succeeded syslog : succeeded network : succeeded Command Result : 0 (Success)
Example with active client connections and force option used
lunash:>sysconf config factoryReset -service all -force Checking for connected clients WARNING !! There are 1 client(s) connected to this Luna SA appliance. It is recommended that you disconnect all clients before using this command. Force option used. Proceed prompt bypassed. Resetting service(s) to factory defaults: ----------------------------------------- webserver : succeeded users : succeeded snmp : succeeded ntp : succeeded ntls : succeeded system : succeeded ssh : succeeded syslog : succeeded network : succeeded Command Result : 0 (Success)