Syntax
create storageArray securityKey [keyIdentifier="keyIdentifierString"]
[passPhrase="passPhraseString"] [file="fileName"] [commitSecurityKey=(TRUE |
FALSE)]
Parameters
Parameter Description
keyIdentifier
A character string that you can read that is a
wrapper around a security key.
passPhrase
A character string that encrypts the security key so
that you can store the security key in an external
file.
file
The file path and the file name to which you want
to save the security key. For example,
file="C:\Program Files\CLI\sup\seckey.slk"
NOTE: You must add a file extension of .slk to
the end of the file name.
commitSecurityKey
This parameter commits the security key identifier
to the storage array for all SES drives as well as the
controllers. After the security key identifier is
committed, a key is required to read data or write
data. The data can only be read or changed by
using a key, and the drive can never be used in a
nonsecure mode without rendering the data
useless or totally erasing the drive.
Additional Information
To use this command successfully, you need to have enough SES drives to create atleast one disk group.
The RAID controller module firmware creates a lock that restricts access to the SES drives. SES drives
have a state called Security Capable. When you create a security key, the state is set to Security Enabled,
which restricts access to all SES drives that exist within the storage array.
You can have a storage array configuration with more than one set of encrypted disk groups. Each disk
group can have a unique security key. The character string generated by the keyIdentifier parameter
is a string that you can read and that enables you to identify the security key that you need. You can
create a keyIdentifer by using one of these methods:
• You can enter up to 189 alphanumeric characters for a key identifier. The key identifier cannot have
these characters:
– White spaces
– Punctuation
– Symbols
• You can leave out this parameter.
200