Using PSESH
The PSESH shell command line tool provides access to the SafeNet ProtectServer Network HSM shell for performing basic appliance configuration tasks such as network configuration and appliance software package updates and management.
PSESH commands are not case sensitive.
Access to PSESH is via SSH or the local console.
This chapter contains the following sections:
Users
The following users can access PSESH:
|
User |
Description |
|---|---|
| admin |
The admin user is responsible for managing the appliance. The admin user is able to execute all of the PSESH commands available to the pseoperator, as well as commands used to perform package upgrades/installations, troubleshooting, viewing log files, and extracting log files. The admin user is also able to reset the password for the pseoperator user. |
| audit |
The audit user is responsible for managing logging on the appliance. The audit user is able to execute the PSESH commands used to manage audit logging configuration, log rotation scheduling, and settings for the audit user role. |
| pseoperator |
The pseoperator user is responsible for configuring the appliance for client access. The pseoperator user is able to execute the PSESH commands used to configure the appliance network parameters such as IP addresses, iptables, and routes etc., as well as appliance settings such as the date/time, SNMP configuration, etc. |
Features
PSESH provides the following features:
|
Feature |
Description |
|---|---|
|
Command history |
You can scroll through the commands you have entered on the PSESH command line using the up/down arrows keys. |
| Console history | You can scroll up to see the console history with SHIFT+PageUp. |
|
Command shortcuts |
You must type sufficient letters of a command or sub-command to make the input unique in the current syntax. For example, you could invoke system syntax help with help, hel, he, but not just h (because there is also an hsm command and typing just "h" is not sufficient to indicate whether you want help or hsm). |
|
Command completion |
You can use the TAB key to automatically complete partially typed commands. This allows you to type only enough characters to uniquely identify the command, and then press TAB to automatically fill in the rest of the characters for the command. |
|
Command syntax help |
To display help information for a command, type help <command_name>, or ? <command_name>. |
Accessing PSESH
You can access PSESH by connecting a keyboard and monitor to the appliance, using a serial connection, or using an SSH client (such as puTTY in Windows or the ssh command in Linux) after the network settings have been configured.
To access PSESH:
1.Connect to the appliance (monitor and keyboard, serial connection, or SSH)
When a successful connection is made, a terminal window opens and the prompt login as: appears.
You can log in as admin, pseoperator, or audit (see Users for details on these roles).
2.You are prompted for the password. If this is the first time you have signed in as this user, the default password is password. You will be prompted to enter a new password.
Once you have logged in, the system presents the psesh:> prompt, includes the hostname you assigned to the appliance:
[myPSE] psesh:>
NOTE After three failed remote login attempts, the account will be locked out for 10 minutes.
You can now issue any PSESH command. For a summary, type ? or help and press Enter.
