HP 1/8 G2 and MSL Encryption Kit User Guide
NOTE: After the RMI session ends, the PIN will still be available to the autoloader or library to
access the keys on the token for writing and reading tapes. For encryption operation, the PIN only
needs to be entered once when the autoloader or library is powered on or a different token is
installed in the autoloader or library.
Figure 21 MSL6480 RMI Logout link
Figure 22 Autoloader and other library RMI Logout link
After a power cycle
For increased security, the key server token's PIN is stored in volatile memory in the autoloader or
library. Each time the autoloader or library is powered on, the PIN must be entered. The autoloader
or library will display a warning message on the OCP and RMI, and send periodic SNMP and
email events, if those options are enabled, until the PIN is entered. The autoloader or library will
not write encrypted data until the PIN is entered.
CAUTION: If it is critical that the autoloader or library maintain encryption capability in the event
of a power loss, it is recommended that you plug the autoloader power cable or the library power
cable into an uninterruptable power supply (UPS).
Changing the PIN
You can change the PIN from the RMI encryption kit configuration screen with the required
password. The PIN must be between eight and 16 characters, containing at least one capital letter,
one lower case letter, and at least two digits.
NOTE: Some firmware versions limit the PIN to 15 characters. For optimal interoperability, limit
the length of the backup file password to 15 characters.
After a power cycle 31