Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 63

CLI Commands, addaliastogroup - default admin password

Get Dell PowerVault TL4000 PDF manuals and user guides View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 63 highlights

On Linux platforms Navigate to /var/ekm/ekmclient and enter . ./startClient.sh Interactively To run the commands interactively from any command window or shell, enter: java com.ibm.keymanager.KMSAdminCmd CLIconfiglfile_name -i The # prompt appears. Before submitting any commands, you must log in the CLI client into the key manager server with the following command: #login -ekmuser EKMAdmin -ekmpassword changeME Once the CLI client is successfully logged into the key manager server, you can execute any CLI commands. Use the quit or logout command to shut down the CLI client when you are finished. By default, the Encryption Key Manager server closes the communication socket with an unused client after ten minutes. Any attempt to enter a command after that will result in the client exiting. To specify a longer timeout period for the Encryption Key Manager server-client socket, modify theTransportListener.ssl.timeout property in the KeyManagerConfig.properties file. Using a command file To submit a batch of commands in a file to the key manager server, create a file containing the commands you wish to issue, for example, clifile. The first command in this file must be the login command because the client is required to login before executing any commands. For example, clifile might contain the following: login -ekmuser EKMAdmin -ekmpassword changeME listdrives Then to execute this command file, start the CLI client: java com.ibm.keymanager.admin.KMSAdminCmd CLIconfiglfile_name -filename clifile One command at a time You can run a single command at a time by specifying the CLI userid_ID and password for each command. From any command window or shell, enter: java com.ibm.keymanager.KMSAdminCmd ClientConfig.properties_name -listdrives -ekmuser EKMAdmin -ekmpassword changeME (This password can be changed with chgpasswd command.) The command will execute and the client session will end. CLI Commands The Encryption Key Manager provides a command set that can be used to interact with the Encryption Key Manager server from a command-line interface client, which includes the following commands. addaliastogroup Copy a specific alias from an existing (source) key group to a new (target) key group. This is useful when you wish to add an alias that already exists in one key group to a different key group. addaliastogroup -aliasID aliasname -sourceGroupID groupname -targetGroupID groupname Chapter 5. Administering the Encryption Key Manager 5-7

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
On Linux platforms
Navigate to /var/ekm/ekmclient and enter
. ./startClient.sh
Interactively
To run the commands interactively from any command window or shell, enter:
java com.ibm.keymanager.KMSAdminCmd CLIconfiglfile_name -i
The # prompt appears. Before submitting any commands, you must log in the
CLI client into the key manager server with the following command:
#login –ekmuser EKMAdmin –ekmpassword changeME
Once the CLI client is successfully logged into the key manager server, you can
execute any CLI commands. Use the
quit
or
logout
command to shut down
the CLI client when you are finished. By default, the Encryption Key Manager
server closes the communication socket with an unused client after ten
minutes. Any attempt to enter a command after that will result in the client
exiting. To specify a longer timeout period for the Encryption Key Manager
server-client socket, modify theTransportListener.ssl.timeout property in the
KeyManagerConfig.properties file.
Using a command file
To submit a batch of commands in a file to the key manager server, create a
file containing the commands you wish to issue, for example,
clifile
. The first
command in this file must be the
login
command because the client is required
to login before executing any commands. For example, clifile might contain the
following:
login -ekmuser EKMAdmin -ekmpassword changeME
listdrives
Then to execute this command file, start the CLI client:
java com.ibm.keymanager.admin.KMSAdminCmd
CLIconfiglfile_name
–filename clifile
One command at a time
You can run a single command at a time by specifying the CLI userid_ID and
password for each command. From any command window or shell, enter:
java com.ibm.keymanager.KMSAdminCmd
ClientConfig.properties_name
-listdrives
-ekmuser EKMAdmin -ekmpassword changeME
(This password can be changed with
chgpasswd
command.) The command
will execute and the client session will end.
CLI Commands
The Encryption Key Manager provides a command set that can be used to interact
with the Encryption Key Manager server from a command-line interface client,
which includes the following commands.
addaliastogroup
Copy a specific alias from an existing (source) key group to a new (target) key
group. This is useful when you wish to add an alias that already exists in one key
group to a different key group.
addaliastogroup -aliasID
aliasname
-sourceGroupID
groupname
-targetGroupID
groupname
Chapter 5. Administering the Encryption Key Manager
5-7