Change the authentication key

You can use the apsedkey change command to change the AEK on the appliance.

Procedure

  1. Log in as apuser or equivalent user.
  2. Run the following command to change the current AEK on the SED drives of IIAS. Make sure you have the new key file ready. Ideally new key file is generated using apsedkey generate command.
    apsedkey change --file <file> --label <label>

    The command changes the enabled key on the drives to the key in the specified file. The key is named with –label.

    Sample output:

    [apuser@sfm02-node0103]# apsedkey change --file /tmp/newkey.txt  --label mykey2
    Changed enabled key to 'mykey2'
    /tmp/newkey.txt can now be safely deleted.