Remote Management

Some local console operations can also be carried out remotely using the Dinamo client software installed on Windows systems. A USB smart card reader plugged into the station will be required.

Once authentication is complete, the following HSM management operations will be available remotely:

  1. Stop service
  2. Restart
  3. Switch off
  4. Unlock master user
  5. Online synchronization(Database live sync)
  6. Return to factory mode
  7. Changing the operating mode

To enable this functionality, the HSM must be configured for remote management (Remote Management). Enter the Configuration option in the main menu of the local console and then the Load Remote Management option. From this point on, the HSM will accept remote connections for configuration commands. To disable this, simply press Esc.

                        Dinamo - Local Management Console






                         ┌──────────┤ Main ├──────────┐
                         │    About                   │
                         │    Stop Service            │
                         │    Monitor              ▸  │
                         │    Remote Management       │
                         │    Configuration        ▸  │
                         │    Partition            ▸  │
                         │    Self Test               │
                         │    Lock Console            │
                         │    Power Off            ▸  │
                         └────────────────────────────┘






  Service running...                                Replication Domain: <none>
Remote management option on the local console
                        Dinamo - Local Management Console






                ┌─────────┤ RM (press ESC to exit) ├──────────┐
                │                                             │
                │                                             │
                │                                             │
                │      ready to process remote commands       │
                │                                             │
                │                                             │
                │                                             │
                └─────────────────────────────────────────────┘








  Service running...                                Replication Domain: <none>
Remote management enabled

Only one remote configuration connection can be opened at a time. If a connection is already open, a new one will be denied.

There is an inactivity tolerance time for the remote connection of 2 minutes. If the remote connection is not used, it will be terminated automatically.

When remote management is in use, the local console will display information about the state of the connection, such as the source IP address and the bundle of cryptographic algorithms used in the session.

                        Dinamo - Local Management Console






                ┌─────────┤ RM (press ESC to exit) ├──────────┐
                │                                             │
                │                                             │
                │                                             │
                │       active manager: 172.17.0.1            │
                │                                             │
                │                                             │
                │                                             │
                └─────────────────────────────────────────────┘








  Service running...                                Replication Domain: <none>
Active connection in HSM remote management

Local access to the HSM always takes priority over remote access. Any local activity will disable remote management until the HSM is configured again.

If the HSM is switched off or restarted remotely, remote management will be active when the HSM returns.

See the topic Device management for more information on using Dinamo client software for remote management.