This command presents the recovery key generated for the current user (via
encrypt_recovery_key_generate or encrypt_recovery_key_rekey) for the user to
store in a secure manner. Then, after running this command, the user needs to
'prove' that they have the key by entering it via the encrypt_recovery_key_verify
command. Once this is done successfully, encrypt_recovery_key_get will no longer
present the users key. Using encrypt_recovery_key_get more than once will return
the same value again.
Example:
xcli -u secadmin1 -p password -c XIV encrypt_recovery_key_get
Output:
Command executed successfully.
key=B07C4374AC26C4DD3EC2E755EB3FAAF04EC792C8BE0D0CB1C1BAC79998EBEC6D
Access Control:
User Category Permission
Storage administrator Disallowed
Storage integration administrator Disallowed
Application administrator Disallowed
Security administrator Allowed
Read-only users Disallowed
Technicians Disallowed
Completion Codes:
v UNSUPPORTED_HARDWARE
Cannot utilize encryption on unsupported hardware.
Troubleshooting: Contact support to verify encryption status.
v INVALID_RECOVERY_KEY_USER
User is not a valid recovery key administrator.
Troubleshooting: Check that the user names provided are valid
v NO_LIVE_KEYSERVER_GATEWAY_NODE
There is no live key server gateway node on the system.
Troubleshooting: Please restart the key server gateway node and retry.
v CANNOT_READ_FROM_KEY_REPOSITORY
Failed reading keys from the key repository.
Troubleshooting: Contact support.
v CANNOT_GET_NEW_KEY_REQUEST
Error requesting encryption keys from the key server gateway node.
Troubleshooting: Check that the key server is actively serving keys
v KEYSERVER_COMMUNICATION_GENERIC_ERROR
Cannot connect to an active key server.
Troubleshooting: Invoke encrypt_key server_list and event_list for more details.
v NO_MASTER_KEYSERVER_DEFINED
There is no master key server defined on the system.
500 IBM XIV Storage System User Manual
To Next Page
Loading...
Need help?
General
