Troubleshooting: Check the currently defined key servers
v ENCRYPTION_KEYSERVER_IPV4_ALREADY_EXISTS
The IPv4 address or host name already exists.
Troubleshooting: Check the currently defined key servers
v ENCRYPTION_KEYSERVER_IPV6_ALREADY_EXISTS
The IPv6 address or host name already exists.
Troubleshooting: Check the currently defined key servers
v LOADED_KEYSERVER_CERTIFICATE_TOO_BIG
key server not added as the certificate is too large.
Troubleshooting: Please only use one certificate per PEM file.
Recovery Key Enter
Used to unlock encrypted disks when the system reboots and cannot access any of
the defined keyservers, and recovery keys were defined
encrypt_recovery_key_enter key=Key
Parameters:
Name Description Mandatory
key The 64 character hexadecimal
recovery key
Y
This command is used to unlock encrypted disks when the system reboots and
cannot access any of the defined keyservers. The min_req number (defined during
the encrypt_recovery_key_generate) of Security Administrators must all
successfully enter their recovery key (as presented to them via recovery_key_get)
before the disks can be unlocked. After the minimum required number of keys has
been entered, the storage admin must change the state from maintenance to on via
state_change target_state=on When this command is entered with the machine in
the "On" state, it has no effect, and can be used to check the validity of the
recovery key.
Example:
xcli -u -c XIV1 encrypt_recovery_key_enter
key=CBC9B398373FDE79CD38B23192DABACADB5DA63A915CB
F5CA8C4E0C212819DE6
Output:
Command executed successfully.
Access Control:
User Category Permission
Storage administrator Disallowed
Storage integration administrator Disallowed
Application administrator Disallowed
Security administrator Allowed
496 IBM XIV Storage System User Manual
To Next Page
Loading...
Need help?
General
