Renaming AES secure keys
Use the zkey rename command to rename a secure key in the secure key repository.
Specify the name of the key that is to be renamed using the --name option and
the new name using the --new-name option. You cannot use wildcards.
Note: When renaming a secure key that is associated with one or multiple volumes, and the key's
volume type is PLAIN, a message informs you about the associated volumes. When the secure key is
renamed, these volumes can no longer be used, unless you change the name of the secure key in the
cryptsetup
plainOpen commands and in the
/etc/crypttab entries.
For keys with volume type LUKS2 no such message is issued, because the secure key is contained in the LUKS2 header.
Examples:
volume type LUKS2
# zkey rename --name secure_xtskey1 --new-name secure_xtskey2
volume type PLAIN
# zkey rename --name secure_xtskey1 --new-name secure_xtskey2 The following volumes are associated with the renamed key 'secure_xtskey2'. You should adjust the corresponding crypttab entries and 'cryptsetup plainOpen' commands to use the new name. /dev/mapper/disk1:enc-disk1