Rekeying a system with USB flash drives

Rekeying is the process of creating a new key for the system. To create a new key, encryption must be enabled on the system; however, the rekey operation works whether or not there are encrypted arrays. Only certain models support encryption. Verify that your model supports encryption before proceeding.

Before creating a new key, ensure that at least one USB port contains a USB flash drive that contains the current key. During the rekey process, a new key is generated and copied to the USB flash drives. The new key is then used instead of the current key. The rekey operation fails unless at least one USB flash drive contains the current key. To rekey the system you need at least three USB flash drives to store the copied key material.

To rekey the system in the management GUI, complete these steps:
  1. In the management GUI, select Settings > Security > Encryption.
  2. Expand USB Flash Drives to display all the detected USB flash drives on the system and select Rekey.
  3. When the system detects the required number of the USB flash drives with at least one drive that contains an existing key, the new key is generated and copied to the USB flash drives. Click Commit after the key is created to complete the rekey operation. If errors occur during the rekey process, status messages display problems with the copy or creation of a new key. For example, if the minimum number of USB drives are inserted but none of them have an existing encryption key, the rekey operation fails. To determine and fix other possible errors, select Monitoring > Events.
Parent topic: Rekeying an encryption-enabled system
Contents | Monitoring | Pools | Volumes | Hosts | Copy Services | Access | Settings | More Information