Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)

Re-enter passphrase:
You are entering into a secure session. Use "exit" to end the session.
If the key manager changed your user key, the evfsauth login command forces you to reset
your passphrase, as follows:
# evfsauth login
Enter passphrase:
You need to reset EFS passphrase.
Enter new passphrase:
Re-enter new passphrase:
You are entering in a secure session. Use "exit" to end the session.
You can use the following options with the evfsauth login command. These options are used
only when a new user key is generated or when the passphrase is reset:
-c <cipher>     Specifies the type of key to create.
-m <keywrap>    Specifies the keywrap to override configuration in the /etc/evfs/evfs.conf file.
Exiting from a secure session
To exit a secure session, enter the following:
# exit
This will unload all keys. Once you exit from a secure shell, you can no longer manipulate the
encrypted files. To create a new encrypted file or make any modifications to an existing encrypted
file, you must run the evfsauth login command once again to log into a secure session.
Displaying secure session information
Use the evfsauth display command to display the type of session that you are running and,
if any, the keys that are loaded into the kernel, as follows:
# evfsauth display
You are not in a secure session.
# evfsauth display
User key:
Key name: jsmith.jsmith
Group key:
Group ID: 20
Key name: users.users
Recovery key:
Key name: evfs.efs1
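A script that handles encrypted files can check the session state before it touches them. The following is an added example, not part of the HP guide or the EVFS product: it parses evfsauth display output read from standard input, assuming the layout matches the two samples above. The function names evfs_session_summary and evfs_has_key are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the EVFS product. Assumes `evfsauth display`
# prints the layout shown in the two samples above.

# Print one "<type> <key name>" line per loaded key, reading the display
# output from stdin. Exit status: 0 keys listed, 1 not in a secure session,
# 2 unrecognised output.
evfs_session_summary() {
    awk '
        /not in a secure session/ { nosession = 1 }
        /^[ \t]*(User|Group|Recovery) key:/ { type = tolower($1); next }
        /^[ \t]*Key name:/ {
            sub(/^[ \t]*Key name:[ \t]*/, "")
            sub(/[ \t\r]+$/, "")
            if (type != "") { print type, $0; found++ }
        }
        END { if (nosession) exit 1; if (!found) exit 2 }
    '
}

# Succeed only when a key of the given type (user, group, recovery) is loaded.
evfs_has_key() {
    evfs_session_summary | grep -q "^$1 "
}

# Constructed sample inputs, copied from the outputs shown above.
SAMPLE_NO_SESSION='You are not in a secure session.'
SAMPLE_IN_SESSION='User key:
Key name: jsmith.jsmith
Group key:
Group ID: 20
Key name: users.users
Recovery key:
Key name: evfs.efs1'

# Demo on the sample; on a real system: evfsauth display | evfs_session_summary
printf '%s\n' "$SAMPLE_IN_SESSION" | evfs_session_summary
```

A batch job can call evfs_has_key recovery on the live command output and stop before creating encrypted files if no recovery key is loaded.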
Creating an encrypted file
To create an encrypted file, follow these steps:
1. Log in to the system.
2. Enter a secure session by using the evfsauth login command.
3. Convert an existing clear file with the evfsfile encrypt command.
4. Or enable the directory or file system for encryption and create encrypted files in it.
Reading from or writing to an encrypted file
To read from or write to an encrypted file, follow these steps:
1. Log in to the system.
2. Enter a secure session by using the evfsauth login command.
3. Verify that the file is encrypted using the evfsfile list command.
Read and write to the encrypted file as usual.