Encrypted Volume and File System v1.1.
© Copyright 2009 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents Encrypted Volume and File System...................................................................................5 EVFS Documentation..............................................................................................................................5 1 EVFS.................................................................................................................................7 1.1 EVFS Features............................................................................
Encrypted Volume and File System The information in this document is for Encrypted Volume and File System (EVFS) A.01.01.02 only. EVFS Documentation For more information on EVFS, refer to these documents: : • Encrypted Volume and File System v1.1 Administrator's Guide • Backing Up and Restoring Data on HP-UX EVFS Volumes Using HP OpenView Storage Data Protector 6.0 These documents are located at: http://docs.hp.com The EVFS product is available only in the English language.
1 EVFS EVFS protects data by encrypting data volumes to protect data at rest – data on disks. You can also use EVFS to create encrypted backup media. EVFS prevents anyone who gains unauthorized physical access to storage media from reading or using the data. EVFS creates EVFS volumes, which are pseudo-devices (or virtual devices) layered on Logical Volume Manager (LVM), Veritas Volume Manager (VxVM), or physical volume devices.
automatically retrieve stored passphrases and use the passphrases to execute EVFS commands. CAUTION: Stored passphrases provide convenience, but they are security risks. 1.2 New and Changed Features in this Release HP-UX EVFS v1.1.2 includes the defect fixes listed in “Enhancements” (page 10) and “Defects Fixed” (page 10). 1.3 Acquiring and Installing EVFS You can acquire and install EVFS free of charge from Software Depot: http://www.software.hp.com Enter EVFS into the search box at the top of the page.
— — Specify different multipaths to the same physical disk when using whole disk access Specify persistent and legacy device files that point to the same physical disk CAUTION: If you create multiple EVFS volumes that reference the same LVM or VxVM volume or the same whole disk device, data corruption can occur. • • You enable EVFS encryption and decryption for an EVFS volume as a single unit.
• • • • • • • • • • • • • • Ignite-UX will read these files in cleartext. If the output media is not an EVFS volume, such as a tape, Ignite-UX will store these files in cleartext. Executing the command vxresize with the -F option can cause lost or corrupt data. For more information and a workaround, see “vxresize -F Can Cause Data Loss or Corruption” (page 11). Renaming VxVM volumes with EVFS enabled makes the volume unusable.
• Defect number: QXCR1000940811 Resolves a system panic when the EMD (EVFS Encrypted Meta Data) located at the beginning of the EVFS volume is corrupted. • Defect number: QXCR1000947450 Revolves a data corruption issue with in-line encryption of an EVFS volume that is more than 4GB in size. 1.7 Known Problems HP-UX EVFS v1.1.
Workaround Resize the VxVM volume and file system in separate operations. Use the vxassist command to increase or decrease the VxVM volume size (or the vxresize command without the –F option). Use the extendfs or fsadm command to resize the file system. 1.7.3 Renaming VxVM Volumes with EVFS Enabled Makes the Volume Unusable The vxedit rename command renames a VxVM volume.
