HP-UX 11i Encrypted Volume and File System (EVFS) Best Practice (2009)
In key replication, a centralized system is selected to be the master key keeper. All keys are
created on this master server and replicated to all other servers through a file-transfer protocol such as ftp. The
key directories on the clients must be read-only to prevent inadvertent modification. Keys should
be pushed to the clients periodically, and especially after a key passphrase is changed.
Recovery Agent
A recovery agent allows recovery of encrypted data when the access keys have become
unavailable. Although it is optional in EVFS, a recovery agent should be established in most
installations to allow data recovery. Separate recovery agents should be created for EVS and
EFS.
The recovery agent user name is specified in the evfs_user parameter of the EVFS
configuration file. The default is evfs. If no key name is specified while adding a recovery
agent to an EVS volume (evfsvol add), the default key name is evfs. The recovery agent
key name for EFS mode is specified in the efs_recovery_keyname parameter of the EVFS
configuration file. There is no default for this parameter; the key name efs is
recommended. The following table summarizes the two modes:

Adding recovery agent keys
  EVS mode: Recovery agent keys are added to an EVS volume with the evfsvol add command.
  EFS mode: Recovery agent keys are added to the encrypted file with the evfsfile add -r command.

Behaviour at creation time
  EVS mode: Recovery agent keys are not added automatically during volume creation.
  EFS mode: If the secure session has a recovery agent specified, encrypted files are created with this recovery agent.

Number of recovery agents
  EVS mode: A maximum of 2 recovery agents per volume is allowed.
  EFS mode: Only 1 recovery agent per file is allowed, and only 1 recovery agent can be active on a system.

Configuration
  EVS mode: The recovery agent user name is specified in the EVFS configuration file.
  EFS mode: The recovery agent user name and key name are specified in the EVFS configuration file. If this agent is added, modified or deleted, either EVFS needs to be restarted or the command evfspkey loadkey -r needs to be executed for the change to take effect.

It is important to move the private portion of the recovery key off-line once the recovery agent
has been created. It must not be available on-line during normal operation. This private key and
its associated passphrase should be stored in a safe place. Data recovery operations must be
restricted to a limited set of security personnel. Access to this key must be logged and audited
on a frequent basis.
Recovery keys can be used in a key escrow arrangement so that only a trusted third party is
authorized to recover the encrypted data content.
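The difference between the two modes above (evfs_user has a default, efs_recovery_keyname does not) is the kind of thing an audit script should catch. The following POSIX sh script is an added example, not code from the HP-UX paper or from EVFS itself; the "name value" / "name = value" line format and the sample configuration file are assumptions, and only the parameter names come from the paper.

```sh
#!/bin/sh
# Added example: audit the recovery-agent parameters of an EVFS
# configuration file. The line format ("name value" or "name = value",
# '#' comments) is an assumption; the sample file below is constructed.

# evfs_param NAME FILE: print the value of NAME, or nothing if unset.
evfs_param() {
    awk -v want="$1" '
        { sub(/#.*/, ""); gsub(/=/, " ")
          if (NF >= 2 && $1 == want) { print $2; exit } }
    ' "$2"
}

# evfs_recovery_audit FILE: print one status line per mode and return 1
# if EFS mode would create files without any recovery agent.
evfs_recovery_audit() {
    rc=0
    user=$(evfs_param evfs_user "$1")
    # EVS mode falls back to the documented default user/key name "evfs".
    if [ -n "$user" ]; then
        echo "EVS ok: recovery agent user '$user'"
    else
        echo "EVS ok: evfs_user not set, default 'evfs' applies"
    fi
    keyname=$(evfs_param efs_recovery_keyname "$1")
    # EFS mode has no default: an unset key name means new encrypted
    # files get no recovery agent at all.
    if [ -n "$keyname" ]; then
        echo "EFS ok: recovery key name '$keyname'"
    else
        echo "EFS warn: efs_recovery_keyname not set (recommended: efs)"
        rc=1
    fi
    return $rc
}

# Constructed sample configuration: the EFS parameter is commented out.
EVFS_SAMPLE="${TMPDIR:-/tmp}/evfs_sample.$$.conf"
cat > "$EVFS_SAMPLE" <<'EOF'
# sample EVFS configuration (constructed for this example)
evfs_user = evfs
# efs_recovery_keyname efs
EOF

evfs_recovery_audit "$EVFS_SAMPLE"
echo "audit status: $?"
```

On a real host, point the script at the actual EVFS configuration file and run it after every change to the recovery agent, alongside the evfspkey loadkey -r or EVFS restart the table above calls for.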