Users Guide
• The controller does not have any oine or missing virtual disks. If there are oine or missing virtual disks, ensure that you have a
backup of these virtual disks.
• Cables to any virtual disk are not disconnected.
Encryption Key
The controller uses the encryption key to lock or unlock access to SED. You can create only one encryption key for each encryption-
capable controller.
If you are using LKM, you must create the encryption key by providing the Encryption Key Identier and the Passphrase.
Encryption Key Identier
An Encryption Key Identier is a user-supplied text label for the Passphrase. The identier helps you determine which Passphrase
to provide while authenticating import of foreign encrypted SED drives.
Passphrase
A Passphrase is a user supplied string that the controller uses to create the encryption key.
NOTE: For more information on Encryption Key and Passphrase guidelines, click the icon on the Manage Encryption
Key page.
Related links
Managing The Encryption Key
Creating An Encryption Key And Enabling LKM
To create an encryption key on the selected controller:
1. Select the Enable Local Key Management (LKM) option.
2. Type Encryption Key Identier.
An Encryption Key Identier can contain numerals, alphabets both lower and upper case are allowed, non-alphanumeric
characters, or a combination of any of these.
NOTE: For the Encryption Key Identier and Passphrase guidelines, click the icon on the page.
3. Type a Passphrase.
A Passphrase must contain at least one numeral, alphabets both lower and upper case are allowed, and one non-alphanumeric
character (except space).
NOTE: Server Administrator Storage Management provides a suggested passphrase below the Passphrase text box.
4. If you want to save the Encryption Key credentials in a le on the system where Distributed Web Server is running, select the
Escrow check box.
The Path eld is displayed. Provide the path where you want to save the le. The path should contain a lename with an .xml
extension. The saved le contains the information: SAS address, Encryption Key Identier, Passphrase, and modied date. You
can use this le for future reference.
CAUTION: It is important to understand that if you lose the Passphrase, you cannot recover it. If you move the
physical disks associated with the lost Passphrase to another controller or if the controller fails or is replaced, you
cannot access data from that disk.
NOTE: If Encryption Key Identier or Passphrase contain special characters such as & , " , <, and >, in the le, they
are written as & , ", < and > respectively.
NOTE: If the system crashes while saving the le, the backup le is saved in the specied location.
5. Select the check-box indicating that you understand the implications of using a passphrase and click Apply Changes.
In the controller Information/Conguration page, the Encryption Key Present is set to Yes and the Encryption mode is set to
LKM.
73