SED key store

Netezza Performance Server for Cloud Pak for Data System

Note: This feature is not supported if you have Netezza Performance Server 11.2.2.X and later installed on Cloud Pak for Data System 2.X.

To support the auto-lock more for SEDs, you must create and manage a key store to hold the AEKs for the host and SPU drives.

Before you create and manage the keys for auto-locking the SEDs, you must create a key store to hold the keys. You use the nzkeydb command to create and manage the key stores. The key store is stored in the /nz/var/keystore directory. The key store has a password to help protect it from users who are not allowed to see the contents or manage keys.

If your key store is deleted or corrupted, you lose the ability to unlock your SED drives when they power on. As a best practice, make sure that you have a safe backup of the current key store. You use the nzkeybackup command to create a compressed tar file backup of the current key store. You should always back up the latest key store after any key changes using the nzkeybackup command. Make sure that you save the key store backups in a safe location away from the Netezza Performance Server system.

Refer to the following command descriptions for more information: