Additional information – Dell PowerVault MD3260i User Manual
Page 191
Parameter
Description
file
The file path and the file name to which you want to save
the security key. For example,
file="C:\Program Files\CLI\sup\seckey.slk"
NOTE: You must add a file extension of .slk to the end
of the file name.
commitSecurityKey
This parameter commits the security key identifier to the
storage array for all SES drives as well as the controllers.
After the security key identifier is committed, a key is
required to read data or write data. The data can only be
read or changed by using a key, and the drive can never
be used in a nonsecure mode without rendering the data
useless or totally erasing the drive.
Additional Information
To use this command successfully, you need to have enough SES drives to create atleast one disk group. The controller
firmware creates a lock that restricts access to the SES drives. SES drives have a state called Security Capable. When
you create a security key, the state is set to Security Enabled, which restricts access to all SES drives that exist within
the storage array.
You can have a storage array configuration with more than one set of encrypted disk groups. Each disk group can have
a unique security key. The character string generated by the keyIdentifier parameter is a string that you can read
and that enables you to identify the security key that you need. You can create a keyIdentifer by using one of these
methods:
•
You can enter up to 189 alphanumeric characters for a key identifier. The key identifier cannot have these
characters:
– White spaces
– Punctuation
– Symbols
•
You can leave out this parameter.
Additional characters are automatically generated and appended to the end of the string that you enter for the key
identifier. If you do not enter any string for the keyIdentifier parameter, the key identifier consists of only the
characters that are automatically generated.
Your pass phrase must meet these criteria:
•
The pass phrase must be between eight and 32 characters long.
•
The pass phrase must contain at least one uppercase letter.
•
The pass phrase must contain at least one lowercase letter.
•
The pass phrase must contain at least one number.
•
The pass phrase must contain at least one non-alphanumeric character, for example, < > @ +.
If your pass phrase does not meet these criteria, you receive an error message and you must retry the command.
191