Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 108

Required, Values, Default, Server.password, Example, config.keystore.file, EKM | LocalOS - superuser default password

Get Dell PowerVault TL4000 PDF manuals and user guides View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 108 highlights

After the installation is done, you can start the Encryption Key Manager server. The Encryption Key Manager client can now login with OS-based user/password. Note that only user ID allowed to login and submit commands to the server is the user ID under which the server is running, and which also has superuser/root authority. A readme file included on your Dell product media and available at http://support.dell.com provides more installation details. Required Optional. Values EKM | LocalOS Default EKM Server.password = value Internal property. Do not edit. symmetricKeySet = {GroupID | keyAliasList [, keyAliasList,]} | Specifies the symmetric key aliases and key groups to be used for LTO 4 | and LTO 5 tape drives. | Required Optional. Applies to LTO 4 and LTO 5 tape cartridges only. Values Specify one value for GroupID or one or more values for keyAliasList. GroupID specifies a key group name to prime the list of symmetric keys and serve as default when no alias is specified for the tape drive. The GroupID must match an existing key group ID in the KeyGroups.xml file. If not, a KeyManageException is returned. If more than one GroupID is specified, a KeyManagerException is returned. When you specify a valid GroupID, the last key used in the Key Groups XML is tracked and a random selection for the next key is used each time getKey is called from the KeyGroups.xml for the list of symmetric keys.Each specification of keyAliasList contains either a value for keyAlias or keyAliasRange. keyAlias specifies the Backus-Naur Form (BNF) for a name or alias of a symmetric key in the keystore up to 12 characters long, or a sequentialKeyID exactly 21 characters long. keyAliasRange specifies a sequentialKeyID and hexadecimal digits up to 18 characters, separated by a hyphen (-). If 18 characters are specified the first two characters must be 00. Must be specified on one line and contain no cr-lf. GroupID specifies the name of a group of aliases. Example symmetricKeySet = KMA0238ab34,KMB0000034acd2345678a,THZ001-FF This instructs the Encryption Key Manager to use aliases KMA0238ab34, KMB0000034acd2345678a and the range of aliases THZ000000000000000001 through | THZ0000000000000000FF when serving keys to LTO 4 and | LTO 5 tape drives. These keys must exist in the keystore specified by config.keystore.file in the properties file. B-6 Dell Encryption Key Mgr User's Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
After the installation is done, you can start the Encryption Key Manager
server. The Encryption Key Manager client can now login with OS-based
user/password. Note that only user ID allowed to login and submit
commands to the server is the user ID under which the server is running,
and which also has superuser/root authority.
A readme file included on your Dell product media and available at
provides more installation details.
Required
Optional.
Values
EKM | LocalOS
Default
EKM
Server.password =
value
Internal property. Do not edit.
symmetricKeySet = {GroupID | keyAliasList [, keyAliasList,]}
Specifies the symmetric key aliases and key groups to be used for LTO 4
and LTO 5 tape drives.
Required
Optional.Applies to LTO 4 and LTO 5 tape cartridges only.
Values
Specify one value for
GroupID
or one or more values for
keyAliasList
.
GroupID
specifies a key group name to prime the list of
symmetric keys and serve as default when no alias is
specified for the tape drive. The
GroupID
must match an
existing key group ID in the KeyGroups.xml file. If not, a
KeyManageException is returned. If more than one
GroupID
is specified, a KeyManagerException is returned.
When you specify a valid
GroupID
, the last key used in the
Key Groups XML is tracked and a random selection for the
next key is used each time getKey is called from the
KeyGroups.xml for the list of symmetric keys.Each
specification of
keyAliasList
contains either a value for
keyAlias
or
keyAliasRange
.
keyAlias
specifies the Backus-Naur Form (BNF) for a name
or alias of a symmetric key in the keystore up to 12
characters long, or a sequentialKeyID exactly 21 characters
long.
keyAliasRange
specifies a sequentialKeyID and hexadecimal
digits up to 18 characters, separated by a hyphen (-). If 18
characters are specified the first two characters must be 00.
Must be specified on one line and contain no cr-lf.
GroupID
specifies the name of a group of aliases.
Example
symmetricKeySet
=
KMA0238ab34,KMB0000034acd2345678a,THZ001-FF
This
instructs the Encryption Key Manager to use aliases
KMA0238ab34, KMB0000034acd2345678a and the range of
aliases THZ000000000000000001 through
THZ0000000000000000FF when serving keys to LTO 4 and
LTO 5 tape drives. These keys must exist in the keystore
specified by
config.keystore.file
in the properties file.
B-6
Dell Encryption Key Mgr User's Guide
|
|
|
|
|