Encrypted Volume and File System v2.0 Administrator Guide HP-UX 11i v3
-p Prompts and stores the passphrase in a file.
-s Generates a random passphrase and stores it in a file.
-m <keywrap> Specifies the keywrap to override in the /etc/evfs.conf file.
-f <filename> Specifies the file name to import the key from. This option is mandatory.
-F {pkcs12|pem} Specifies the key format in the file. Default is pkcs12.
If the key manager imports the user key, the user must change its passphrase the next time the user
logs into EFS with the evfsauth command. Alternatively, the user can change the passphrase beforehand
with the evfspkey passgen command. If no key manager is configured, only the key owner can import
the key; the system administrator is not allowed to import a user key.
# evfspkey import -f keyout
Enter passphrase which protects file "keyout":
Enter passphrase:
Re-enter passphrase:
Import key pair "testuser.testuser" from "keyout" successfully
To move a user key from system A to system B, the key owner exports the key on system A, transfers
the key file to system B, and imports it there. The exported file is protected by the passphrase entered
at export time, but it still contains the private key: transfer it over an authenticated, encrypted channel
such as scp or sftp rather than plain ftp, keep it readable only by its owner, and delete it from both
systems once the import has succeeded.
Deleting a user key
The system administrator, the key manager, or the key owner can delete a user key. Once the user
key is deleted, all the files encrypted with the file key protected by this user key become irrecoverable
(unless you have a primary group key or a recovery key in place). Therefore, a confirmation is
required before the key is deleted, as follows:
# evfspkey delete -u testuser
Caution: Are you sure you want to delete the "testuser.testuser" public/private key pair?
Continuing with this operation will make your data permanently irrecoverable.
Answer [yes/no]:yes
Public/Private key pair "testuser.testuser" has been successfully deleted
Exception
Once created, the key manager key cannot be deleted.
The following options are valid only for the system administrator or the key manager:
-u <username> Specifies the username.
-r Specifies the recovery key.
The following options are valid for the system administrator, the key manager, and regular users:
-k <keyname> Specifies the key name.
-p Indicates the passphrase file to be deleted.
When a user account is deleted from the system, the user's EFS keys should be deleted as well. If the
EFS version of userdel (in /opt/evfs/bin) is used to delete the account, all user keys owned by
the user are deleted with it. If the regular userdel command is used, the system administrator must
run the evfspkey delete command afterwards to delete the user's keys; until then the keys remain on
the system.
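The following shell function implements the account-removal procedure above: it prefers the EFS-aware
userdel, and otherwise runs the regular userdel followed by evfspkey delete. It is an added example,
not a tool shipped with EVFS. The path of the regular userdel (/usr/sbin) and the assumption that
evfspkey delete accepts its yes/no answer on standard input are not stated in this guide; both can be
overridden through the environment.

```shell
#!/bin/sh
# efs_userdel: remove an HP-UX account together with its EFS user keys.
# Added example for this guide, not an HP tool. Assumptions (not stated on
# the page): the regular userdel lives in /usr/sbin, and "evfspkey delete"
# accepts its yes/no answer on standard input. All three paths can be
# overridden through the environment.
EVFSPKEY=${EVFSPKEY:-/opt/evfs/bin/evfspkey}
USERDEL=${USERDEL:-/usr/sbin/userdel}
EFS_USERDEL=${EFS_USERDEL:-/opt/evfs/bin/userdel}

# efs_userdel USER [userdel options such as -r]
# Exit status 0 only when both the account and its keys are gone.
efs_userdel() {
    user=$1
    [ -n "$user" ] || { echo "usage: efs_userdel USER [userdel options]" >&2; return 2; }
    shift
    # Deleting root's key pair would orphan every file it protects; refuse.
    [ "$user" != root ] || { echo "efs_userdel: refusing to delete root" >&2; return 2; }

    if [ -x "$EFS_USERDEL" ]; then
        # The EFS-aware userdel removes the account and the user's keys itself.
        "$EFS_USERDEL" "$@" "$user"
    else
        # Regular userdel first: if it fails (user still logged in, typo in the
        # name), the keys must stay, because deleting them is irreversible.
        "$USERDEL" "$@" "$user" || return $?
        # Then remove the keys, answering the irrecoverability prompt
        # ("Answer [yes/no]:") non-interactively.
        printf 'yes\n' | "$EVFSPKEY" delete -u "$user"
    fi
}

# Usage (as root):  efs_userdel testuser -r
```

The order matters: the account is removed before the keys, so a failed userdel (the account still in
use, a mistyped name) never triggers the irreversible key deletion, while a failed key deletion can
simply be retried with evfspkey delete -u.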
Managing a group key
The group key is designed for sharing encrypted files among group members. Unlike a user key, which
is protected by a passphrase, the group key is protected by an AES key (also called an access key).
The access key is in turn protected by the key manager's key and by the keys of those group members
for whom this group is the primary group. When a user logs into the EFS subsystem, the key of the
user's primary group is loaded into the kernel. As a result, the user can access files that belong to
the group, subject to the normal UNIX access control.