Restoring a master key from a file – Brocade Network Advisor SAN User Manual v12.3.0 User Manual
Page 898
846
Brocade Network Advisor SAN User Manual
53-1003154-01
Master keys
20
8. Enter the mandatory last name and first name of the person to whom the card is assigned.
9. Enter a Card Password.
10. Re-enter the password for verification.
11. Record and store the password in a secure location.
12. Click Write Card.
You are prompted to insert the next card, up to the number of cards specified in
13. Repeat
through
for each card in the set.
14. After the last card is written, click OK in the Master Key Backup dialog box to finish the
operation.
Overview of saving a master key to a smart card set
A card reader must be attached to the SAN Management application PC to save a master key to a
recovery card. Recovery cards can only be written once to back up a single master key. Each master
key backup operation requires a new set of previously unused smart cards.
NOTE
Windows operating systems do not require smart card drivers to be installed separately; the driver
is bundled with the operating system. However, you must install a smart card driver for UNIX
operating systems. For instructions, refer to the Installation Guide that comes with your system.
The key is divided among the cards in the card set, up to 10. The quorum of cards required to
restore the master key must be less than the total number of cards in the set, and no greater than
five. For example, when the master key is backed up to a set of three cards, a quorum of any two
cards can be used together to restore the master key. When the master key is backed up to a set of
10 cards, a quorum size of up to five cards can be configured for restoring the master key. Backing
up the master key to multiple recovery cards is the recommended and most secure option.
NOTE
When you write the key to the card set, be sure you write the full set without canceling. If you cancel,
all previously written cards become unusable; you will need to discard them and create a new set.
Restoring a master key from a file
Use the following procedure to restore the master key from a file.
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
dialog box. (Refer to
2. Select a group from the Encryption Center Devices table, then select Group > Security from the
menu task bar.
The Encryption Group Properties dialog box displays with the Security tab selected.
3. Select Restore Master Key as the Master Key Action.
The Restore Master Key for Encryption Group dialog box displays. (Refer to
.)