Manualshelf

Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software
31323334353637383940
EVFS uses the stored passphrase to decrypt the private key, then
uses the private key to enable the EVFS volume.
options Following are the valid options for the autostart feature:
boot_local Causes EVFS to enable the EVFS volume
before local file systems in /etc/fstab are
mounted and before NFS and other
networking subsystems are started. Use this
flag if the private key and stored passphrase
used to enable the volume are located on the
root disk of the local system.
boot_local2 Enable the EVFS volume after local file
systems in /etc/fstab are mounted and
before NFS and other networking subsystems
are started. Use this flag if the private key
and stored passphrase used to enable the
volume are located on a nonroot disk of the
local system.
If you specify the boot_local2 option, the
system will be unable to automatically mount
a file system on the EVFS volume as part of
the system startup procedure and you must
manually mount the file system.
boot_remote Enable the EVFS volume after NFS and other
networking subsystems are started. Use this
flag if the private key or stored passphrase
used to enable the volume is located on a
remote system, such as an NFS directory.
If you specify the boot_remote option, the
system will be unable to automatically mount
a file system on the EVFS volume as part of
the system startup procedure and you must
manually mount the file system.
See evfstab(4) for more information.
Example
The following entry in the /etc/evfs/evfstab file configures the autostart feature and uses
the init user's key initkey, which was created with a stored passphrase:
v /dev/vg01/lvol5 /dev/evfs/vg01/lvol5 init.initkey boot_local
c. Verify that a stored passphrase exists for the key IDs specified in the /etc/evfs/evfstab
entries. If you did not store the passphrase when you created the key pair, use the evfspkey
passgen command to create a passphrase. See “Creating or changing a stored passphrase
for an existing key” (page 70).
Step 6: (Optional) Configuring the autostart feature 35