I have two Nitrokey HSM 2 and I ran this command below TWICE on each key while using two separate dkek files for each custodian.
sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219 --dkek-shares 2
Correct me if I’m wrong, I just realized I could use the same dkek share file for any new Nitrokeys. So, instead of keep creating new dkek files, I could create one and use for both keys.
So, can I redo the initialization so that I only use one dkek file per custodian?