HP-UX 11i Encrypted Volume and File System (EVFS) Best Practice (2009)

EFS Key Manager
The use of the EFS key manager is optional in EVFS. The following functions require a key
manager:
1. Resetting a user's passphrase without knowing the user's passphrase
2. Managing EFS group access
The key manager and the administrator can be the same account. However, to also support
denying the administrator access to the EFS-encrypted data, the key manager account must be a
regular user account (non-zero uid) and not an administrator account. The reason is that the key
manager can access EFS data whenever the ordinary UNIX permissions allow it. Root bypasses
those permission checks, whereas a non-administrator key manager is denied access to the
EFS-encrypted data if the UNIX permissions do not grant it.
Key archival
As mentioned previously, a historical archive should be kept of all user keys. This archive
should be stored offline or even off site. These keys can be used for data recovery if a recovery
agent has not been established.
EVFS wrapper commands
HP-UX 11i EVFS provides a set of wrapper commands to facilitate user and group modification
or deletion. These commands are userdel, usermod, groupdel and groupmod, and they are
located in the directory /opt/evfs/bin. These EVFS commands must be used instead of the
standard HP-UX counterparts in order to maintain the synchronization between the keys and
their associated accounts; running the standard command leaves the key store out of step with
the account it belongs to.
Preparing for EVFS
Migrating data to EVFS
If it has been determined that a data set requires encryption, any existing clear-text data within
this set must be migrated to EVFS. First, users or administrators must ensure the data are
backed up and verified before the conversion takes place. Below are the procedures for
both volume-level and file-level migration:
EVS mode
There are two ways to migrate data in EVFS: volume copy or in-line encryption. The trade-off
is between speed and storage space.
The drawback of copying volume data to a new encrypted volume is that it requires double the
storage space. But it is potentially faster, since different I/O paths can be used for the source and
the destination. Once the copy is completed and verified, the old clear-text volume must be
securely erased, since otherwise the unencrypted data remain recoverable from it.