User's Manual
Controllers 147
NOTE: Server Administrator Storage Management provides a suggested
Passphrase below the Passphrase text box.
4
If you want to save the Encryption Key credentials in a file on the system
where Distributed Web Server is running, select the
Escrow
check box.
The
Path
field is displayed. Enter the path where you want to save the file.
The path should contain a file name with an .
xml
extension. The saved file
contains this information: SAS address, Encryption Key Identifier,
Passphrase, and modified date. You can use this file for future reference.
CAUTION: It is important to understand that if you lose the Passphrase, you
cannot recover it. If you move the physical disks associated with the lost
Passphrase to another controller or if the controller fails or is replaced, you
cannot access data from that disk.
NOTE: If Encryption Key Identifier or Passphrase contains special characters
such as &, ", <, and >, in the file, they are written as &, ", < and
> respectively.
NOTE: If the system crashes while saving the file, the backup file is saved in
the specified location.
5
Select the check-box indicating that you understand the implications of
using a Passphrase and click
Apply Changes
.
In the controller Information/Configuration sub-tab, the Encryption Key
Present is set to Yes and the Encryption mode is set to LKM.
Changing or Deleting the Encryption Key
You can change an Encryption Key of a controller if the controller already has
a configured Encryption Key. You can delete an Encryption Key for encrypted
controllers only if there are no encrypted virtual disks.
To change the Encryption Key, enter the New Encryption Key Identifier and
Passphrase. You are prompted to authenticate with the current Passphrase.
Ensure you read the note on the importance of Passphrase and consequences
of not saving the same, before applying the changes.
When you change the Encryption Key, the existing configuration on this
controller is updated to use the new Encryption Key. If you have removed any
of the encrypted drives previously, you must authenticate with the old
Passphrase to import the encrypted drives.