HP-UX 11i Encrypted Volume and File System (EVFS) Best Practice (2009)

Operational
Avoid Data Corruption
Do not manipulate the EMD or the encrypted data. Any modifications, intentional or accidental,
will render the encrypted data irretrievable. Each EMD header starts with the magic number
90fa 4a62 c4df ff09. Users and administrators must avoid writing to volumes or files that
start with this magic number.
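As an added illustration that is not part of the HP document, the following POSIX shell guard reads the first eight bytes of a target file or raw device and refuses the write when they match the EMD magic number; it assumes the documented magic "90fa 4a62 c4df ff09" is the byte sequence 90 fa 4a 62 c4 df ff 09 and uses constructed sample files, not real EMD headers.

```shell
#!/bin/sh
# Added example, not from the HP EVFS guide: refuse to write to any file or
# device whose first 8 bytes are the EVFS EMD magic number.
# Assumption: the documented magic "90fa 4a62 c4df ff09" is the byte sequence
# 90 fa 4a 62 c4 df ff 09 (16-bit words as od -x prints them on big-endian
# PA-RISC). od -tx1 prints single bytes, so the comparison below does not
# depend on the host's endianness.

EVFS_EMD_MAGIC="90 fa 4a 62 c4 df ff 09"

# Print the first 8 bytes of a file or device as space-separated hex bytes.
first8_hex() {
    dd if="$1" bs=8 count=1 2>/dev/null | od -An -tx1 |
        tr -s ' \n' ' ' | sed 's/^ *//; s/ *$//'
}

# Exit status 0 if the path starts with the EVFS EMD magic, 1 otherwise.
has_evfs_magic() {
    [ "$(first8_hex "$1")" = "$EVFS_EMD_MAGIC" ]
}

# Guarded copy: only write to the target if it does not carry an EMD header.
# Returns 2 (and writes nothing) when the target looks like EVFS metadata.
safe_write() {
    target=$1
    src=$2
    if has_evfs_magic "$target"; then
        echo "refusing to write: $target starts with the EVFS EMD magic" >&2
        return 2
    fi
    cat "$src" > "$target"
}

# Constructed sample inputs (hypothetical, not real EMD headers):
# one file that begins with the magic bytes and one plain text file.
make_samples() {
    printf '\220\372\112\142\304\337\377\011SAMPLE' > /tmp/evfs_demo_emd
    printf 'plain text file\n' > /tmp/evfs_demo_plain
}
```

The guard complements, and does not replace, the rule of addressing encrypted file systems only through the /dev/evfs device path.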
EVS mode
Writing directly to an EVFS raw volume must be avoided. One common corruption scenario
occurs during boot: if the EVFS subsystem is not running, running fsck on the raw EVFS volume
will likely cause data corruption.
To avoid volume-level data corruption, always use the device with the /dev/evfs prefix as
the path for an encrypted file system. For example, if the EVFS subsystem is not running, a
write to the /dev/evfs device simply returns an error, whereas in the same situation a write
directly to the /dev device might cause data corruption.
Another situation to avoid is simultaneous access to an EVS volume through different data paths.
This happens when different applications attempt to access the same device through multipath,
a legacy DSF, or a persistent DSF.
EFS mode
An example of data corruption in EFS mode is issuing the following command in an encrypted
directory:
evfsxfr ls -l > OUT
The purpose of the evfsxfr command is to access the raw content of encrypted files. The
result of the above command is a corrupted EMD: the shell creates the encrypted file OUT, but
its EMD is then overwritten by the output of the ls command. Writing to an encrypted file
while using the evfsxfr command must be avoided.
Symmetric key re-keying
With EVFS, the symmetric keys are wrapped with a user public key and stored in the EMD.
Although it is unlikely that the symmetric keys will be compromised in this manner, users may
still want to perform periodic re-keying based on the PCI-DSS recommendation.
EVS mode
HP-UX 11i EVFS 2.0 does not support on-line re-keying. Encrypted data must be taken off-line in
order to be re-keyed. An encrypted volume is re-keyed by copying the original encrypted
volume to a new encrypted volume that uses a different key.
EFS mode
An EVFS command, evfsfile rekey, is provided to re-key an encrypted file.