Fabric OS Encryption Administrator's Guide
142 Fabric OS Encryption Administrator’s Guide
53-1002159-03
Re-exporting a master key
3
Viewing the master key IDs
The show localEE command shows the actual master key IDs, along with the new master key IDs.
Also shown are all exported master key IDs associated with a given (actual) master key.
NOTE
You will need to remember the exported master key ID and passphrase you used while exporting the
master key ID.
A new subcommand is available to support exporting master key IDs for a given master key.
cryptocfg --show -mkexported_keyids <MK ID>
The following example lists the exported master key IDs for a given master key ID:
cryptocfg --show –mkexported_keyids
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:93
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:94
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:95
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:96
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:97
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:98
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:99
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:9a
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:9b
Operation succeeded.
The exported key ID is displayed with the master key ID, as shown in the examples to follow:
Example: Initial master key export
cryptocfg --exportmasterkey
Enter passphrase:
Confirm passphrase:
Master key exported.
MasterKey ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e
Exported Key ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e
Example: Subsequent master key exports
cryptocfg --exportmasterkey
Enter passphrase:
Confirm passphrase:
Master key exported.
MasterKey ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7e
Exported Key ID: 1a:e6:e4:26:6b:f3:81:f7:d8:eb:cc:0f:09:7a:a4:7f
cryptocfg --exportmasterkey
Enter passphrase:
Confirm passphrase:
Master key exported.