For a PED-authenticated appliance
1.
Login as Crypto Officer.
lunacm:> role login –name Crypto Officer
2.
Change Password.
(Option 1)
lunacm:> role changePw –name Crypto Officer –old <Existing Par PW> -newpw <New Par PW>
NOTE
Passwords are not masked, but the old\newpw attributes must be used;
otherwise, only the PED key will be changed.
(Option 2) Using '-prompt'
lunacm:> role changePw –name Crypto Officer -prompt
By using the '-prompt' switch, you will be prompted to enter the old and new passwords and they will be
masked on screen.
3.
Reset the Crypto Officer PED key.
This step is required to “reset” the CO PED key created by the Partition SO.
lunacm:> role changePw –name Crypto Officer
Respond to PED Prompts.
4.
Activate/cache the new Crypto Officer credentials by logging in.
lunacm:>role login –name Crypto Officer
5.
Exit the
lunacm
utility.
For a Password-authenticated appliance
1.
Login as Crypto Officer.
lunacm:> role login –name Crypto Officer
2.
Change Password.
lunacm:> role changePw –name Crypto Officer –old <Existing Par PW> -newpw <New Par PW>
NOTE
Passwords are not masked.
3.
Activate/cache the new Crypto Officer credentials by logging in.
lunacm:> role login –name Crypto Officer
4.
Exit the
lunacm
utility.
KeySecure k570 Appliance : Installation Guide
16 June 2020, Copyright © 2020 Thales Group. All rights reserved.
30