Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)
5 EVS keys and user privileges
EVFS defines the following types of user keys and restricts the execution of EVFS commands based
on these keys and HP-UX user privileges:
• EVS volume owner keys
• Recovery keys
• Authorized user keys
User privileges and permissions
Some EVFS commands do not require user keys. Only users with the appropriate privileges can
execute these commands. By default, the appropriate privilege required for these EVFS commands
is superuser privilege. For more information about HP-UX privileges, see the privileges(5) manpage.
To perform operations on EVS volumes and other volumes, users must also have the appropriate
file access permissions for the associated device files. In most installations, users who want to
perform operations on EVS volumes must have superuser privileges.
NOTE: EVFS user keys restrict execution of EVFS commands only. Read, write and execute access
to data on EVS volumes is still restricted by normal HP-UX file permissions and access controls.
EVS volume owner keys
When you create an EVS volume, you specify the volume owner key (also called the owner key) for the volume.
The user who owns the volume owner key (the volume owner) can use the key to perform
administrative operations on an EVS volume, including enabling and disabling EVS for the volume.
The owner can also add additional key records to the EMD.
Recovery keys
A recovery key enables you to change a volume or file owner key. Only the recovery key and the
owner key can be used to change the owner key of an EVS volume or an encrypted file. The only
operation you can perform with a recovery key is to change the owner key for an EVS volume or
an encrypted file.
At installation, EVFS creates an EVFS pseudo-user account, evfs, if it does not already exist.
Recovery keys are owned by this pseudo-user.
HP recommends that you configure a recovery key for each EVS volume, but configuring recovery
keys is not mandatory for normal EVS operation. You can configure up to two recovery key pairs
per EVS volume.
Authorized user keys
A volume owner can configure additional user keys that can be used to perform administrative operations
on the EVS volume. These user keys are authorized user keys for the volume.
A user with an authorized user key and the appropriate file system permissions for the volume
device files can perform the same EVS operations that the holder of an owner key can perform,
except changing the EVS volume owner, adding additional keys to or deleting them from a volume, and
destroying the EVS volume by removing the EMD.
Summary of key type and privileged user capabilities
Table 1 summarizes the capabilities for the different key types and for users with superuser privileges
or the appropriate privileges.