security key-manager restore

Restore the authentication key and key ID pairs from the key management servers.

Availability: This command is available to cluster administrators at the admin privilege level.

Description

This command retrieves and restores all authentication keys (AKs) and key IDs associated with the storage controller from the specified key management servers. This command is not supported when onboard key management is enabled.

Parameters

{ [-fields <fieldname>, ...]
This parameter specifies the fields that you want to display.
| [-instance ]}
If you specify this parameter, the command displays information about all entries.
[-node {<nodename>|local}] - Node
This parameter specifies the name of the node that is to load the AK/key IDs into its internal key table. If not specified, all nodes retrieve AK/key IDs into their internal key table.
[-address <IP Address>] - IP Address
If you specify this parameter, the command restores only from key management server at the specified IP address. If not specified the command restores from all available key management servers.
[-key-tag <text>] - Key Tag
This parameter specifies the value associated with the AK/key ID pair at the time of their creation. If specified, restore only AK/key ID pairs associated with the specified key tag. If not specified, all AK/key ID pairs for the cluster are retrieved.
[-key-ids <text>, ...] - Authentication Key ID
If you specify this parameter, the command displays only the specified key IDs.
[-count <integer>] - AK/Key ID Pair Count
This parameter specifies the key ID/AK pair count stored in the key management servers. If you specify this parameter the command displays only the key IDs retrieved from the key management servers with the specified number of key ID/AK pairs.
[-key-manager-server-status {available|not-responding|unknown}] - Key Manager Status
This parameter specifies the connectivity status of the key management server. If you specify this parameter the command displays only thekey IDs retrieved from key management servers with specified status.

Examples

cluster1::> security key-manager restore
  (security key-manager restore)

        Node: cluster1
 Key Manager: 10.233.1.198
       Count: 2
Key IDs
-------------------------------------------------------
F1CB30AFF1CB30B00101000000000000A68B167F92DD54196297159B5968923C
F1CB30AFF1CB30B00101000000000000CF0EFD81EA9F6324EA97B369351C56AC


        Node: cluster2
 Key Manager: 10.233.1.198
       Count: 2

Key IDs
-------------------------------------------------------
F1CB30AFF1CB30B00101000000000000A68B167F92DD54196297159B5968923C
F1CB30AFF1CB30B00101000000000000CF0EFD81EA9F6324EA97B369351C56AC

cluster1::> security key-manager restore -address 10.250.154.208 -key-tag cluster1
  (security key-manager restore)

 Node: cluster1
 Key Manager: 10.233.1.198
       Count: 1
Key IDs
-------------------------------------------------------
F1CB30AFF1CB30B00101000000000000A68B167F92DD54196297159B5968923C

 Node: cluster2
 Key Manager: 10.233.1.198
       Count: 1

Key IDs
-------------------------------------------------------
F1CB30AFF1CB30B00101000000000000A68B167F92DD54196297159B5968923C