Manualshelf

Encrypted Volume and File System v2.2 Administrator Guide (777846-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software
61626364656667686970
users/evfs directory (or a subdirectory under the key storage directory using the EVFS
pseudo-user name) with the following permissions, owner, and group:
drwxr-xr-x 2 bin bin 96 Mar 16 17:27 evfs
4. Restore the public and private key files and any passphrase files with the following name,
owner, group, and permissions:
Public Key
File name: key_storage_directory/users/user_name/key_name.pub
(/etc/evfs/pkey/users/user_name/key_name.pub if you are using the
default key storage directory)
Owner: the user name for the owner
Group: sys
Permissions: Readable and writable by the owner, readable by group, and readable
by everyone else (644, or -rw-r--r--)
Private Key:
File name: key_storage_directory/users/user_name/key_name.priv
(/etc/evfs/pkey/users/user_name/key_name.priv if you are using the
default key storage directory)
Owner: the user name for the owner
Group: sys
Permissions: Readable and writable by only the owner (600, or -rw-------)
If you have a file named key_name.privext, restore it to the same location and
with the same permissions as for key_name.priv.
Passphrase File:
File name:
key_storage_directory/users/user_name/key_name.pass.nnn
(/etc/evfs/pkey/users/user_name/key_name.pass.nnn if you are using
the default key storage directory), where nnn is a number based on system-specific
data
Owner: the user name for the owner
Group: sys
Permissions: Readable and writable only by the owner (600, or -rw-------)
After you restore these files, a listing of the files shows output similar to the following:
# ll /etc/evfs/pkey/users/root
total 32
-rw------- 1 root sys 634 Mar 16 17:26 rootkey2.priv
-rw-r--r-- 1 root sys 344 Mar 16 17:26 rootkey2.pub
-rw-r--r-- 1 root sys 272 Mar 16 17:26 rootkey2.pass.08
192003-6e81-11d9-8b9e-b8f2666e6f49
Changing owner keys for an EVS volume
Use the following evfsvol assign command to change the owner or owner key of an EVS
volume. To execute this command, you must be the current owner of the EVS volume or have the
private key file for the volume recovery key. (The procedure for creating a recovery key is described
68 Administering EVS