Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software

101

102

103

104

105

106

107

108

109

110

Contents

9 Determining user roles.............................................................................103

The system administrator role..................................................................................................103

The user role........................................................................................................................103

The key manager role...........................................................................................................103

Enabling the key manager................................................................................................104

10 Creating an EFS volume and file system...................................................105

Creating an LVM or VxVM volume..........................................................................................105

Mapping the volume to EVFS.................................................................................................105

Creating a file system............................................................................................................106

Performing operations on an EFS file system.............................................................................106

11 Using EFS............................................................................................108

Using a secure session..........................................................................................................108

Logging into a secure session............................................................................................108

Exiting from a secure session.............................................................................................109

Displaying secure session information.................................................................................109

Creating an encrypted file.....................................................................................................109

Reading from or writing to an encrypted file.............................................................................109

Changing the file permissions................................................................................................110

Changing the file owner/group..............................................................................................110

File encryption attributes........................................................................................................110

Enabling a directory or a file system for encryption...............................................................110

Enabling encryption at the FS level................................................................................111

Enabling encryption at the directory level.......................................................................111

Enabling encryption at the FS and directory level.............................................................112

Disabling a directory or FS for encryption...........................................................................112

Disabling encryption at the FS level...............................................................................112

Disabling encryption at the directory level......................................................................113

Listing file encryption attributes..........................................................................................113

Sharing encrypted files via groups and group keys....................................................................113

File conversion operations......................................................................................................114

Converting a cleartext file to an encrypted file.....................................................................114

Converting an encrypted file to a cleartext file.....................................................................115

Changing the file encryption key (rekey)..............................................................................116

Cipher precedence..........................................................................................................117

Using the evfsxfr command....................................................................................................117

Examples........................................................................................................................117

EFS backup and restore.........................................................................................................118

The EVFS wrapper commands................................................................................................120

The cp command.............................................................................................................120

The chown and chgrp commands.......................................................................................122

The mv command............................................................................................................123

The usermod and groupmod commands.............................................................................125

The userdel and groupdel commands.................................................................................126

Using the evfsrun command...................................................................................................127

The EFS recovery key.............................................................................................................128

12 Managing keys....................................................................................131

Types of keys........................................................................................................................131

Key manager key.................................................................................................................131

Managing a user key............................................................................................................132

Creating a user key .........................................................................................................132

Contents 101