No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Disk Encryption User Guide

OceanStor V5 Series V500R007

This document is applicable to OceanStor 5110 V5, 5110F V5, 5300 V5, 5300F V5, 5500 V5, 5500F V5, 5600 V5, 5600F V5, 5800 V5, 5800F V5, 6800 V5, 6800F V5, 18500 V5, 18500F V5, 18800 V5, and 18800F V5. It introduces how to install and configure key management servers connected to the storage systems that use self-encrypting disks.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Restoring the Key Management Server to Factory Settings

Restoring the Key Management Server to Factory Settings

If you need to clear configurations on a key management server, you can restore it to factory settings.

Restoration Process

This section describes the process of restoring the key management server to factory settings.

Figure 4-57 Restoration process

Table 4-14 describes the operations, precautions, and reference sections involved in the restoration process.

Table 4-14 Restoration operations and description

Operation

Description

Reference Section

Manually backing up the configurations of the key management server

When you restore the key management server to factory settings, all configurations of the key management server are cleared. Therefore, manually back up configurations to the NFS server before the operation.

(Optional) Manually Backing Up the Configurations of a Key Management Server

(Optional) Destroying the key on the storage system.

If self-encrypting disk domain is created on the storage system and a key is generated, destroy the key of self-encrypting disks.

Destroying a Key

Restoring to factory settings

When you restore the key management server to factory settings through the serial port, all information on the key management server will be cleared.

Restoring the Factory Settings

Restoring the Factory Settings

This section describes how to restore the key management server to its factory defaults.

Prerequisites
  • You have manually backed up the configurations of the key management server.
  • If the self-encrypting disk domain has been created in the storage system and the encryption key has been generated, ensure that the encryption key has been destroyed on the storage system.
Procedure
  1. Log in to the CLI of the key management server through the serial port as an administrator.
  2. Run the config command to enter the config mode.
  3. Run the reset factory settings zeroize command and enter y to confirm the operation.

    SafeNet-01 (config)# reset factory settings zeroize 
    WARNING! 
    This command will reset your system to its original factory state. All configuration settings, ALL KEYS, software upgrades, internal backup files, and log will be deleted. 
    In addition, all keys on the device will be zeroized, a process that may require additional time but will render the keys irrecoverable. 
    The system will automatically reboot to apply these changes. 
    Are you sure you want to continue? y 
    Are you REALLY sure you want to continue? y 
    Reset Factory Settings initiated The system is rebooting.

  4. After the key management server is restored to factory defaults, it automatically restarts, which takes 10 to 20 minutes.
Translation
Download
Updated: 2019-07-11

Document ID: EDOC1000181504

Views: 24249

Downloads: 197

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next