Use loginHSM and logoutHSM in key_mgmt_tool to start and end a session with your HSM cluster. Once logged in as a CU (Crypto User), you can run key management operations.
Important
In key_mgmt_tool, loginHSM only supports the CU user type. To log in as other user types, use the loginHSM and logoutHSM commands in hsm_mgmt_tool.
Prerequisites
Before you begin, make sure that you have:
Started key_mgmt_tool
Your CU username and password
Syntax
loginHSM -u <user type>
{ -p <password> | -hpswd }
-s <username>
logoutHSMImportant
Enter parameters in the order shown in the syntax.
Parameters
loginHSM accepts the following parameters. logoutHSM takes no parameters.
| Parameter | Description | Required |
|---|---|---|
-u | User type. The only supported value is CU. | Yes |
-p <password> | Login password. Must be 7–32 characters, case-sensitive. The password is shown in plaintext as you type. | Yes (use either -p or -hpswd) |
-hpswd | Hidden password mode. The system prompts you to enter your password without echoing it to the screen. Use this instead of -p to avoid exposing your password in plaintext. | Yes (use either -p or -hpswd) |
-s | Username. | Yes |
Examples
Log in with a plaintext password
Command: loginHSM -u CU -s crypto_user -p user123
Cfm3LoginHSM returned: 0x00 : HSM Return: SUCCESS
Cluster Status:
Node id 0 status: 0x00000000 : HSM Return: SUCCESSLog in with a hidden password
Use -hpswd instead of -p <password>. The system prompts you for your password and hides what you type.
Command: loginHSM -u CU -s crypto_user -hpswd
Enter password:
Cfm3LoginHSM returned: 0x00 : HSM Return: SUCCESS
Cluster Status:
Node id 0 status: 0x00000000 : HSM Return: SUCCESSLog out
Command: logoutHSM
Cfm3LogoutHSM returned: 0x00 : HSM Return: SUCCESS
Cluster Status:
Node id 0 status: 0x00000000 : HSM Return: SUCCESS