import kms key
Function
Parameters
Parameter |
Description |
Value |
---|---|---|
ip=? | IP address of the FTP or SFTP server. | - |
user=? | User name for logging in to the FTP server or SFTP server. | The value consists of 1 to 64 characters without colons (:). |
password=? | Password for logging in to the FTP server or SFTP server. | The value consists of 1 to 64 characters. |
path=? | Name and path of the key file to be imported. | The file name extension of the key file must be .dat. The file name must be supported by the FTP and SFTP server. |
protocol=? | Transfer protocol type. | The value can be "FTP" or "SFTP". The default value is "SFTP". To ensure the security of data transfer, you are advised to use SFTP. |
port=? | Port number of the FTP or SFTP server. | The value is an integer ranging from 1 to 65535.
|
force=? | Forcible import key file. | The value is "no" or "yes", where:
NOTE:
Forcible import will ignore the file non-severity check error, for example, the file is not up-to-date, overwrite the system original keys directly with the data in the key file. |
Usage Guidelines
- This command can import the key file of the internal key management service only from an FTP server or SFTP server connecting to the storage system.Prerequisites for using this command:
- The FTP server or SFTP server is accessible to the storage system.
- The FTP service or SFTP service has been started on the server.
- If the storage system serves as a server in the file transfer with external systems, it supports the SFTP service only. If the storage system serves as a client, it supports both the FTP and SFTP services.
Example
Import a key file of the internal key management service. The key file name is "InnerKey.dat", the IP address of the FTP server for storing the key file is "10.10.10.1", the user name for accessing the FTP server is "admin", and the user's password is "123456".
developer:/>import kms key ip=10.10.10.1 user=admin password=****** path=InnerKey.dat protocol=FTP WARNING: You are about to import a key file of the internal key management service, which will overwrite the original key data. If the operation is inappropriate, it may cause the internal key management service to lose some key. Suggestion: 1. Confirm that the key file to be imported is up-to-date, and back up the key of the internal key management service of the current system before the import. 2. During the key import, creating, updating, and deleting the disk domain of self-encrypting disks are all forbidden. Have you read warning message carefully?(y/n)y Are you sure you really want to perform the operation?(y/n)y Password:************** Command executed successfully.