Backing up the Authentication Key File
To back up the authentication key file, issue the controlencryption backup command. For
example:
cli% controlencryption backup backup1
The keystore must be backed up to prevent total loss of data. You will be prompted to twice for
the password for the backup file. The same password must be supplied on restore.
Restoring the Key File
Restoration of a key file is necessary only if there is a catastrophic problem and the key-files on all
nodes are destroyed or corrupted. Restore the key-file from an external source to the controller
nodes in the StoreServ system.
To restore the key file, issue the controlencryption restore command. For example:
cli% controlencryption restore backup1
Rekeying the Authentication Key
To change the authentication key and back up the authentication key file, issue the
controlencryption rekey command.
You can rekey the array at any time. You can also save and back up a new copy of the
authentication key file at any time. In the event of a recovery action requiring restoration of the
key file, the correct key file must be available; otherwise the data will be lost.
Showing Data Encryption Status
To see the status of data encryption, issue the following command:
controlencryption status
Optionally, issue the command with the -d option to show disks that are failed or not SED-capable.
#$ controlencryption status
Licensed Enabled BackupSaved State
yes
yes
#$ controlencryption status -d
Licensed Enabled BackupSaved State
yes
yes
Data encryption states (as seen under the State column in the foregoing example) are shown in
Table 7 (page
Table 7 Data Encryption States
System Encryption State
initializing
normal
recovery_needed
in_progress
yes
normal
yes
normal
115).
SeqNum
2
SeqNum Non-SEDs FailedDisks
2
0
Description
The data-encryption service is in the process of starting up.
Data encryption is in a normal state
Re-run the previous operation after addressing the reason
why the previous operation failed (this is most likely to have
been a failed drive).
An encryption operation is in progress. A task is generated
for the associated operations; the task can be reviewed in
Task Manager.
0
Using Self-encrypting Disks
1 15