No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Disk Encryption User Guide

OceanStor Dorado V3 Series V300R002

This document is applicable to OceanStor Dorado3000 V3, Dorado5000 V3, Dorado6000 V3 and Dorado18000 V3. This document introduces how to install and configure key management servers connected to the storage systems that use self-encrypting disks.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Restoring the Key Management Server to Factory Settings

Restoring the Key Management Server to Factory Settings

If you need to clear configurations on a key management server, you can restore it to factory settings.

Restoration Process

This section describes the process of restoring the key management server to factory settings.

Figure 3-57 Restoration process

Table 3-14 describes the operations, precautions, and reference sections involved in the restoration process.

Table 3-14 Restoration operations and description

Operation

Description

Reference Section

Manually backing up the configurations of the key management server

When you restore the key management server to factory settings, all configurations of the key management server are cleared. Therefore, manually back up configurations to the NFS server before the operation.

(Optional) Manually Backing Up the Configurations of a Key Management Server

(Optional) Destroying the key on the storage system.

If self-encrypting disk domain is created on the storage system and a key is generated, destroy the key of self-encrypting disks.

Destroying a Key

Restoring to factory settings

When you restore the key management server to factory settings through the serial port, all information on the key management server will be cleared.

Restoring the Factory Settings

Restoring the Factory Settings

This section describes how to restore the key management server to its factory defaults.

Prerequisites
  • You have manually backed up the configurations of the key management server.
  • If the self-encrypting disk domain has been created in the storage system and the encryption key has been generated, ensure that the encryption key has been destroyed on the storage system.
Procedure
  1. Log in to the CLI of the key management server through the serial port as an administrator.
  2. Run the config command to enter the config mode.
  3. Run the reset factory settings zeroize command and enter y to confirm the operation.

    SafeNet-01 (config)# reset factory settings zeroize 
    WARNING! 
    This command will reset your system to its original factory 
    state. All configuration settings, ALL KEYS, software upgrades, 
    internal backup files, and log will be deleted. 
    In addition, all keys on the device will be zeroized, 
    a process that may require additional time but will render the 
    keys irrecoverable. 
    The system will automatically reboot to apply these changes. 
    Are you sure you want to continue? y 
    Are you REALLY sure you want to continue? y 
    Reset Factory Settings initiated 
    The system is rebooting.

  4. After the key management server is restored to factory defaults, it automatically restarts, which takes 10 to 20 minutes.
Translation
Download
Updated: 2019-07-17

Document ID: EDOC1100049141

Views: 8843

Downloads: 57

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next