User Guide DDOC0199-000-A9
1-Slot Data Transport System (CSfC) 6 - 9 Encryption
© 2024 Curtiss-Wright Defense Solutions Revision 3.0
Example
6.3.5.5 Autoload Key
NOTE
The auto-load command is not required when reinstalling or swapping a RMC module whose key
is saved in the crypto module nor is it required between power cycles, provided the login creden-
tials are saved.
This command automatically matches the correct key in the encryptor memory to the RMC module
in the specified slot (e,g. -s 0). This feature works for any RMC module that has its key stored in
the DTS1+ CSfC crypto module. This command is especially useful in reestablishing the DTS1+
CSfC to RMC module key association after zeroization or installation of RMC modules from the
field into a lab DTS1+ CSfC. In both cases the keys must be stored or restored in the DTS1+ CSfC
crypto module. To autoload a key type cmkey --auto –s 0 and press E
NTER key.
Example
6.3.5.6 Delete Key
This command removes the specified key from crypto module storage only and has no effect on
the RMC module. The value following the --del parameter is the position number used in the Save
command. To delete a key from the crypto module type cmkey --del 0 thru 31 and press
E
NTER key.
Example
6.4 Software Layer Encryption
CAUTION
DATA SECURITY. Be sure to CLOSE the session after initializing or entering the software
encryption layer. Leaving the session open can expose the passphrase to unauthorized access.
NOTE
The RMC module must have services assigned before the software encryption layer can be initial-
ized / entered.
The rmcctl -C command allows the user to view and alter the DTS1+ CSfC disk encryption options.
The software encryption layer uses containers to hold the data. Creation of a container requires
the use of a password or passphrase. Refer to paragraph 6.1.2 Software Layer Passwords /
Passphrases for requirements.
6.4.1 Unpartitioned Disk
Disks cannot be partitioned after software encryption has been performed.
6.4.1.1 Initialize Container (Unpartitioned Disk)
CAUTION
DATA LOSS. Initializing SWE will overwrite / destroy any existing data on the disk. As a result the -
-force option must be used.
Initialize a Software Encryption (SWE) container on an RMC module as follows:
cw_dts> cmkey --unload 0 thru 31 –s 0
[cmkey]
CMKEY: action=unloaded slot=0 status=OK
[!cmkey] OK
cw_dts> cmkey --auto –s 0
[cmkey]
CMKEY: action=auto slot=0 status=OK
[!cmkey] OK
cw_dts> cmkey --del 0 thru 31
[cmkey]
CMKEY: action=del status=OK
[!cmkey] OK
To Next Page
Loading...