1. Manuals
  2. Brands
  3. Brocade Communications Systems Manuals
  4. Software
  5. StoreFabric SN6500B
  6. Administrator's manual

Initiating A Manual Rekey Session - Brocade Communications Systems StoreFabric SN6500B Administrator's Manual

Brocade fabric os encryption administrator's guide v7.1.0 (53-1002721-01, march 2013)
Hide thumbs Also See for StoreFabric SN6500B:
Table of Contents

Advertisement

Initiating a manual rekey session

You can initiate a rekeying session manually at your own convenience. All encryption engines in a
given HA cluster, DEK cluster, or encryption group must be online for this operation to succeed. The
manual rekeying feature is useful when the key is compromised and you want to re-encrypt existing
data on the LUN before taking action on the compromised key.
CAUTION
Do not commit this operation if there are any changes pending for the container in which the
rekey was started. If you attempt to do this, the system displays a warning stating that the
encryption engine is busy and a forced commit is required for the changes to take effect. A forced
commit in this situation will halt any rekey that is in-progress (in any container) and corrupt any
LUN that is running rekey at the time. There is no recovery for this type of failure.
1. Log in to the group leader as Admin or FabricAdmin.
2. Do LUN discovery by issuing the cryptocfg
3. Ensure that all encryption engines in the HA cluster, DEK cluster, or encryption group are online
4. Enter the cryptocfg
5. Check the status of the rekeying session.
Fabric OS Encryption Administrator's Guide (SKM/ESKM)
53-1002721-01
cryptocfg
manual_rekey) command to avoid a potential I/O timeout because of a path state
--
change at the host.
by issuing the cryptocfg
--
manual_rekey command. Specify the CryptoTarget container name, the
-
LUN number and the initiator PWWN.
FabricAdmin:switch> cryptocfg --manual_rekey my_disk_tgt 0x0\
10:00:00:05:1e:53:37:99
Operation Succeeded
Please check the status of the operation using "cryptocfg --show -rekey"
FabricAdmin:switch> cryptocfg --show -rekey -all
Number of rekey session(s):
Container name:
EE node:
EE slot:
Target:
Target PID:
VT:
VT PID:
Host:
Host PID:
VI:
VI PID:
LUN number:
LUN serial number:
600601603FE2120014FC89130295DF1100010000000000000008000000000000
Rekey session number:
Percentage complete:
Rekey state:
Rekey role:
Block size:
Number of blocks:
discoverLUN command (before issuing the
--
show
groupmember
all command.
-
-
1
cx320-157A
10:00:00:05:1e:40:4c:00
9
50:06:01:60:30:20:db:34 50:06:01:60:b0:20:db:34
022900
20:00:00:05:1e:53:8d:cd 20:01:00:05:1e:53:8d:cd
06c001
10:00:00:00:c9:56:e4:7b 20:00:00:00:c9:56:e4:7b
066000
20:02:00:05:1e:53:8d:cd 20:03:00:05:1e:53:8d:cd
06c201
0x1
0
23
Write Phase
Primary/Active
512
2097152
3
Data rekeying
197

Advertisement

Table of Contents
loading

Related Manuals for Brocade Communications Systems StoreFabric SN6500B

Related Content for Brocade Communications Systems StoreFabric SN6500B

This manual is also suitable for:

Fabric os 7.1.0

Table of Contents