-p

Causes EVFS to use a stored passphrase to enable encryption and

 

decryption for the named EVFS volume. The /etc/evfs/evfstab

 

file must contain an entry for this volume with a key ID field.

-kkeyname

Specifies the key name. If you do not specify -kkeyname, evfspkey

 

uses the user name as the key name.

 

Valid value: An ASCII string, 1 to 255 characters long.

evfs_volume_path Specifies the absolute pathname for the EVFS volume device file, such as /dev/evfs/vg01/lvol5, /dev/evfs/vx/dsk/rootdg/vol05, or /dev/evfs/dsk/c2t0d1.

Disabling Encryption/Decryption Access to EVFS Volumes

The evfsvol disable command disables encryption and decryption access to EVFS volumes. The evfsvol disable command fails if a file system is mounted on the EVFS volume or if the EVFS volume device file is opened by any process.

Use the following procedure to disable encryption and decryption access to a volume:

1.For data consistency, stop all applications accessing the data. You can use the fuser -cucommand to determine the processes accessing files, and the fuser -ckucommand to terminate the processes. See fuser(1M) for more information.

If the data is used by system processes, you might need to terminate the processes by changing the system runlevel to single-user level with the shutdown utility. See the shutdown(1M) manpage for more information.

2.If you have a file system mounted on the EVFS volume, use the umount command to unmount the file system. See umount(1M) for more information.

Starting and Stopping EVFS 81

Page 81
Image 81
HP UX Encrypted Volume and Filesystem (EVFS) manual Disabling Encryption/Decryption Access to Evfs Volumes