Table of ContentsView in Frames

Retrieving authentication keys

You can use the key_manager restore command to retrieve authentication keys from a key management server to a storage system. For example, when you created authentication keys on a node, you use this command to retrieve the keys for use on the partner node.

Before you begin

You must know the IP address for each key management server that you want to retrieve authentication keys from.

Steps

  1. Access the nodeshell by entering the following command: system node run -node node_name
  2. To retrieve authentication keys from a key management server to the storage system, enter the following command: key_manager restore -key_server key_server_ip_address -key_tag key_tag
    If all specified key management servers are available, you can use the -all option instead of the -key_server option to clear out the current Data ONTAP key table and retrieve all keys matching the specified key tag from all specified key management servers.
  3. Exit the nodeshell and return to the clustershell by entering the following command: exit

Examples

The following command restores keys with the key tag storage-system from the key management server with the IP address 172.18.99.175:

storage-system> key_manager restore -key_server 172.18.99.175 -key_tag storage-system

The following command restores all keys with the key tag storage-system from all key management servers linked to the storage system:

storage-system> key_manager restore -all -key_tag storage-system