HP UX Encrypted Volume and Filesystem (EVFS) manual Verifying the Configuration, Evfsadm stat -a

Step 3: Verifying the Configuration

Use the following commands to verify your EVFS configuration:

•evfsadm stat -a

•evfsvol display evfs_volume_path

evfsadm stat -a

After you access data or mount a file system on an EVFS volume that is correctly configured, the output for the evfsadm stat -acommand shows nonzero values for the number of blocks read (bpr), written (bpw), decrypted (bpd), and encrypted (bpe). The output is similar to the following:

----EVFS Volume Name ------- State ------------------- Queues -------------

orr owr odr oer

----EVFS Volume Name ------- State ----------------- Counters -------------

bpr bpw bpd bpe

----EVFS Volume Name ------- State ------------------- Rates --------------

kbpsr kbpsw dkbps ekbps

For descriptions of the output fields, see “Displaying I/O and Encryption Statistics (evfsadm stat)” (page 130) .

evfsvol display evfs_volume_path

The evfsvol display evfs_volume_path command displays information about the EVFS volume, including the name of the underlying LVM, VxVM, or physical volume device file, and the names of the keys configured for the EVFS volume. The output for the evfsvol display evfs_volume_path is similar to the following:

#evfsvol display /dev/evfs/vg01/lvol5

See “Displaying EVFS Volume Keys and Operating Parameters (evfsvol display)” (page 131) for more information.

Verifying Data Encryption

You can use the following procedure to verify that EVFS is encrypting data before it is written to the underlying LVM, VxVM, or physical volume:

1.Write text (a character string) to a file on an enabled EVFS volume.

2.Use the strings utility to search the EVFS volume device file. The text is stored in the underlying LVM, VxVM or physical volume as encrypted data, but the strings utility is

Option 1: Creating a New EVFS Volume 59