Encrypted Volume and File System v2.0 Administrator Guide HP-UX 11i v3

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software

100

Contents

9 Determining user roles.............................................................................100

The system administrator role..................................................................................................100

The user role........................................................................................................................100

The key manager role...........................................................................................................100

Enabling the key manager................................................................................................101

10 Creating an EFS volume and file system...................................................102

Creating an LVM or VxVM volume..........................................................................................102

Mapping the volume to EVFS.................................................................................................102

Creating a file system............................................................................................................103

Performing operations on an EFS file system.............................................................................103

11 Using EFS............................................................................................105

Using a secure session..........................................................................................................105

Logging into a secure session............................................................................................105

Exiting from a secure session.............................................................................................106

Displaying secure session information.................................................................................106

Creating an encrypted file.....................................................................................................106

Reading from or writing to an encrypted file.............................................................................106

Changing the file permissions................................................................................................107

Changing the file owner/group..............................................................................................107

File encryption attributes........................................................................................................107

Enabling a directory or a file system for encryption...............................................................107

Enabling encryption at the FS level................................................................................108

Enabling encryption at the directory level.......................................................................108

Enabling encryption at the FS and directory level.............................................................109

Disabling a directory or FS for encryption...........................................................................109

Disabling encryption at the FS level...............................................................................109

Disabling encryption at the directory level......................................................................110

Listing file encryption attributes..........................................................................................110

Sharing encrypted files via groups and group keys....................................................................110

File conversion operations......................................................................................................111

Converting a cleartext file to an encrypted file.....................................................................111

Converting an encrypted file to a cleartext file.....................................................................112

Changing the file encryption key (rekey)..............................................................................113

Cipher precedence..........................................................................................................114

Using the evfsxfr command....................................................................................................114

Examples........................................................................................................................114

EFS backup and restore.........................................................................................................115

The EVFS wrapper commands................................................................................................116

The cp command.............................................................................................................117

The chown and chgrp commands.......................................................................................119

The mv command............................................................................................................120

The usermod and groupmod commands.............................................................................122

The userdel and groupdel commands.................................................................................123

Using the evfsrun command...................................................................................................124

The EFS recovery key.............................................................................................................125

12 Managing keys....................................................................................128

Types of keys........................................................................................................................128

Key manager key.................................................................................................................128

Managing a user key............................................................................................................129

Creating a user key .........................................................................................................129

98 Contents