Encrypted Volume and File System v2.0 Administrator Guide HP-UX 11i v3

Contents
1 Overview
  EVFS architecture
  Features and benefits
  Supported software
  Product limitations and precautions
2 EVFS data and keys
  EVFS data flow
  Encryption metadata (EMD)
  EVFS encryption keys
  Volume and file encryption keys
  User keys
  Passphrases
  Stored passphrases
  Using HP-UX Trusted Computing Services with EVFS
  How EVFS uses keys
  Key names and key IDs
  User key and passphrase storage
  File names
  Alternate storage databases and distributed key storage
3 EVFS installation
  Prerequisites
  Installing EVFS
  Upgrading to EVFS v2.0
  Uninstalling EVFS
4 Preparing EVFS for configuration
  Verifying for preconfiguration
  Preparation overview
  Step 1: Configuring an alternate EVFS pseudo-user
  Step 1a: Setting the evfs_user attribute
  Example
  Step 1b: Creating the user group
  Example
  Step 1c: Creating the EVFS pseudo-user account
  Example
  Step 2: (Optional) Configuring alternate key database directories
  Syntax for pub_key, priv_key, and pass_key attribute statements
  Key storage directory requirements
  Default pub_key, priv_key and pass_key attribute statements
  Example: Alternate directory for public keys
  Example: NFS directory for public and private keys
  Step 3: (Optional) Modifying EVFS global parameters
  Step 4: Starting the EVFS subsystem
  Example
  Step 5: (Optional) Configuring the autostart feature