hsm ped vector init
Initialize a Remote PED vector. This command creates a new Remote PED key by doing the following:
> Initializing a Remote PED vector (RPV)
> Imprinting the RPV onto the current HSM as well as onto an orange PED key.
•The orange PED key is kept with the Remote PED, when you set up a Remote PED workstation. The orange PED key allows a Luna Network HSM 7 with that RPV to connect to a Remote PED workstation where the attached PED provides the matching RPV, via the orange PED key.
•The RPV is a secret that facilitates the secure connection between a particular HSM that has that secret, and a Remote PED Server computer that has the RPK containing the identical secret.
The HSM must be connected to a computer that runs Remote PED client, to manage the HSM's end of the Remote PED connection. More than one HSM can be imprinted with the same RPV, but a single Remote PED Server can connect with only one such remotely located HSM (via its client) at one time.
NOTE If the HSM is initialized, you must be logged in as HSM SO (blue PED key) to initialize the RPV.
If the HSM is uninitialized, you can:
>initialize the RPV remotely by providing a one-time 8-digit PIN
>initialize the RPV locally by connecting a Luna PED to the HSM
To set up or erase a Remote PED vector, or to make or break the Remote PED connection, on an HSM that is externally connected to the Luna Network HSM 7, use the "-serial" option to specify the target HSM. If "-serial" is not specified, then the command acts on the Luna Network HSM 7's internal HSM card.
User Privileges
Users with the following privileges can perform this command:
>Admin
Syntax
hsm ped vector init [-serial <serialnum>] [-force]
| Argument(s) | Shortcut | Description |
|---|---|---|
| -force | -f | Force the action without prompting. |
| -serial <serialnum> | -s | Specifies the serial number of the HSM for which you want to initialize the remote PED vector. |
Example
lunash:>hsm ped vector init If you are sure that you wish to initialize remote PED vector (RPV), then enter 'proceed', otherwise type 'quit'. > proceed Proceeding... Luna PED operation required to initialize remote PED key vector - use orange PED key(s). Command Result : 0 (Success)
