Skip to main content
Skip table of contents

PIN Entry Device (PED)

The following provides information about the PED.

For successful operations with the PED, it is necessary to have an up-to-date PED connected to the appliance.

The PED can be configured local or remote.

Remote use of PED is only supported on Windows or Linux computers.

PED

The PED has two important ports on its narrow top side:

  • A Mini-B USB port for connecting the PED directly to the appliance or to a remote workstation.

  • And a USB-A port for plugging in the required PED keys.

The assignment and function of the buttons as well as the prompts and texts on the display of the PED are self-explanatory.

If the PED transaction is interrupted for a certain period of time, the PED automatically switches to a time-out status.

PED Keys

A total of 10 PED Keys are available. There is also a sheet with labeled stickers. It is recommended to label the desired PED keys with the corresponding stickers in advance.

Color

Use

Blue sticker

Security Officer (required for the further procedure)

Red sticker

Domain (required for the further procedure)

Black sticker

Crypto Officer (required for the further procedure)

Orange sticker*

Remote PED (required in a remote PED setup for the further procedure)

The purpose of the individual PED keys is explained during the HSM configuration.

* Remote PED Key (RPK): an orange PED Key containing an RPV (or multiple PED keys with a split RPV in an M of N quorum implementation).

In the event that the IP address of the remote workstation on which the PED server application is running is changed, the RPV does not need to be reinitialized. The key material is already stored in the orange RPK. The HSM driver only needs to be restarted for the setup to continue.

PED Location

The PED can be configured local or remote.

Remote use of PED is only supported on Windows or Linux computers.

  1. Log in to your Next Generation Hardware Appliance.

  2. Open the Security page.

  3. In the section PIN Entry Device (PED) Configuration the first subsection is the
    PIN Entry Device Location. There are 2 ways to connect the PED to the HSM, the PED can operate locally or remote.
    2 tiles are displayed to chose from:

Local PED Connection

The PED is connected directly via cable to the HSM in the appliance.
Click PED connected to HSM.
No configurations are needed.

Remote PED Connection

The Luna PED with firmware 2.9.0 (or newer), must be connected to a workstation (Linux or Windows) via a USB cable. A PED server must be running on the workstation.

For further information refer to PED Entry Device for Remote Workstation
Click PED connected external to configure the device.

Clear the PED Caches

  • On the PED press < to Exit, change menus and clear the Key.
    A warning indicates that the Remote PED Key (RPK) will become invalid if you exit the menu now.
    Confirm to continue.

  • After the cache has been cleared, a list with four different modes is displayed to chose from.
    1 Local PED-SCP
    4 Admin
    7 Remote PED
    0 Local PED-USB

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.