- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: Enabling LTO4 Hardware Encryption from OpenVMS...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-02-2010 06:03 AM
тАО09-02-2010 06:03 AM
Is it possible to use LTO4 hardware encryption without using using the LTO4 key management software. i.e. using some DCL command (or qualifier) to tell the LTO4 to use its hardware encryption (and a key supplied at runtime) on the data being backed up.???
Dave.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-02-2010 07:32 AM
тАО09-02-2010 07:32 AM
Re: Enabling LTO4 Hardware Encryption from OpenVMS ??
As far as passing keys is concerned, I see many referenced to SPin and SPout (Security Protocol IN and Security Protocol OUT). SPout can be used to set a key on an LTO4 Tapedrive from what I understand.
Is there an OpenVMS equivalent to this??
If I choose to use the LTO4 Key Management Software, how do I interface with it from OpenVMS?? (or do I not need to??)
How can I confirm that my backup tapes are encrypted ??
Dave.
(So many Q's, and not many A's)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-02-2010 06:14 PM
тАО09-02-2010 06:14 PM
SolutionSee here for the VMS program written to load keys into LTO4 drives:
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1171171
We found it was easier, on the latest generation MSL libraries (MSL2024, MSL4048, etc) to just purchase the encryption kit option. This provides a usb fob that sticks on the back of the library and contains the keys. We then set the libary such that the drives are always in encrypted mode and then VMS doesn't have to care about managing it.
It would be necessary to use that program on a standalone (non-library) LTO4 drive. Especially since the drives lose the key when they are powered off, I would re-load it before each backup just to be sure. We did testing on a standalone drive with that program and it worked well.
- Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-26-2010 04:04 PM
тАО09-26-2010 04:04 PM
Re: Enabling LTO4 Hardware Encryption from OpenVMS ??
Does Tom's program work to set the same key on standalone drives as with the encryption kit?
I'm thinking about requirements to read the tapes at another site (such as a DR site) that isn't using an MSL tape library.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-27-2010 06:50 AM
тАО09-27-2010 06:50 AM
Re: Enabling LTO4 Hardware Encryption from OpenVMS ??
We never tested if the same encryption key that is on the library usb fob can be loaded from VMS into a "standalone" LTO4 drive, such that the same tape can be readable.
I don't see why not, however - it's all just ones and zeros with computers, right?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-27-2010 07:36 AM
тАО09-27-2010 07:36 AM
Re: Enabling LTO4 Hardware Encryption from OpenVMS ??
Put another way, there's even less of a chance I'd trust encryption without a periodic full-path verify, given this is heaped atop a complete lack of trust for whether a non-encrypted recovery will work.
Put another way, this is absolutely certain to fail.
Until you can prove it works.