The export storageArray securityKey command saves a drive security key to a file.
If external key management is enabled, then this command applies only to the E2800, E5700, EF600, and EF300 arrays. If internal key management is enabled, then the command applies to any individual storage array, as long as all SMcli packages are installed.
To execute this command on an E2800, E5700, EF600, or EF300 storage array, you must have the Security Admin role.
When the key file is exported from one storage array, that key can be imported into another storage array. This enables you to move security-capable drives between storage arrays.
export storageArray securityKey passPhrase="passPhraseString" file="fileName"
| Parameter | Description |
|---|---|
| passPhrase | A character string that encrypts the security key so that you can store the security key in an external file. Enclose the pass phrase in double quotation marks (" "). |
| file | The file path and the file name to which you want to save the security key. For example: file="C:\Program Files\CLI\sup\drivesecurity.slk" Important: The file name must have an extension of .slk.
|
The storage array to which you will be moving drives must have drives with a capacity that is equal to or greater than the drives that you are importing.
The controller firmware creates a lock that restricts access to the full disk encryption (FDE) drives. FDE drives have a state called Security Capable. When you create a security key, the state is set to Security Enabled, which restricts access to all FDE drives that exist within the storage array.
Your pass phrase must meet these criteria:
7.40