182 Script Commands
To use this command successfully, you need to have enough SES drives to
create atleast one disk group. The controller firmware creates a lock that
restricts access to the SES drives. SES drives have a state called Security
Capable. When you create a security key, the state is set to Security Enabled,
which restricts access to all SES drives that exist within the storage array.
You can have a storage array configuration with more than one set of
encrypted disk groups. Each disk group can have a unique security key. The
character string generated by the keyIdentifier parameter is a string that you
can read and that enables you to identify the security key that you need. You
can create a keyIdentifer by using one of these methods:
• You can enter up to 189 alphanumeric characters for a key identifier. The
key identifier cannot have these characters:
– White spaces
keyIdentifier A character string that you can read that is a
wrapper around a security key.
passPhrase A character string that encrypts the security key
so that you can store the security key in an
file The file path and the file name to which you
want to save the security key. For example,
NOTE: You must add a file extension of .slk to the
end of the file name.
commitSecurityKey This parameter commits the security key
identifier to the storage array for all SES drives as
well as the controllers. After the security key
identifier is committed, a key is required to read
data or write data. The data can only be read or
changed by using a key, and the drive can never
be used in a nonsecure mode without rendering
the data useless or totally erasing the drive.
book.book Page 182 Wednesday, June 8, 2011 12:20 PM