ONTAP Discussions

Security key-manager passphrase

chi
6,572 Views

Hi,

 

I need help!

 

I lost the passphrase after the security key-manager setup because I did not save the passphase.  how can I recover or update the passphrase?

 

Thanks,

 

It is OnTap 9.1P3 

 

 

Chi

 

5 REPLIES 5

Sahana
6,531 Views

Hi,

 

Try using  security key-manager key show. Refer KB https://kb.netapp.com/support/s/article/ka21A0000000jyiQAA/OKM-Onboad-Key-Manager-authentication-key-creation-and-application-to-NSE-drives 

http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-920%2Fsecurity__key-manager__update-passphrase.html Update passphrase needs you to enter existing passphrase.

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

chi
6,498 Views

Hi,

 

The problem is I don't have the current passphrase, so I can not use "security key-manager update-passphrase".

 

 

 

Chi

hariprak
6,524 Views

Hi,

 

You can refer this doc, http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-910%2Fsecurity__key-manager__setup.html

 

 

Thanks

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Kathrynj
6,029 Views

There is a key-manager delete-key-database which will clear the configuration and allow you to run the setup again with a new passphrase.

I would move the data to new volumes to decrypt first.

vCosonok
5,388 Views

The documentation suggests that command needs the passphrase which we don't know. Anyone had any success resetting the passphrase?

 

http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-cmpr-910%2Fsecurity__key-manager__delete-key-database.html

 

cluster1::*>security key-manager delete-key-database

Warning: This command will permanently delete all keys from onboard key management.
Do you want to continue? {y|n}: y

Enter the passphrase::

cluster1::*>

  

Public