Recovering key verification

Use the encrypt_recovery_key_verify command to confirm that the current user has correctly copied the recovery key share retrieved by the encrypt_recovery_key_get command.

encrypt_recovery_key_verify key=Key

Parameters

Name Description Mandatory
key The 64 character hexadecimal recovery key. Y

This command is used by security administrators to confirm that they have correctly copied the recovery key presented by the encrypt_recovery_key_get command. Encryption can be enabled (or a rekey can be completed) only when all security administrators have confirmed their respective recovery keys using this command.

Example: 

encrypt_recovery_key_verify 
key=B07C4374AC26C4DD3EC2E755EB3FAAF04EC792C8BE0D0CB1C1BAC79998EBEC6D

Output: 

Command executed successfully.

Access control

User Category Permission
Storage administrator Disallowed
Storage integration administrator Disallowed
Application administrator Disallowed
Security administrator Allowed
Read-only users Disallowed
Technicians Disallowed

Return codes

  • UNSUPPORTED_HARDWARE

    Cannot utilize encryption on unsupported hardware.

    Troubleshooting: Contact support to verify encryption status.

  • INVALID_RECOVERY_KEY_FRAGMENT

    Recovery key fragment given does not match stored key.

    Troubleshooting: Verify that the proper key(share) has been used

  • GENERIC_FAILED

    Generic encryption failure.

    Troubleshooting: Contact support.

  • INVALID_RECOVERY_KEY_USER

    User is not a valid recovery key administrator.

    Troubleshooting: Check that the user names provided are valid

  • CANNOT_READ_FROM_KEY_REPOSITORY

    Failed reading keys from the key repository.

    Troubleshooting: Contact support.

  • RK_FAILED_VERIFY_SLEEP

    Too many failed verify attempts, please wait and try again.

    Troubleshooting: Wait a little and try again.

  • ENCRYPTION_KR_WRITE_FAILED

    Error writing to the key repository.

    Troubleshooting: Contact support

  • INVALID_RECOVERY_KEY_STATE

    Recovery key state is inconsistent with the option provided.

    Troubleshooting: Check the recovery key state using encrypt_recovery_key_status.

  • RECOVERY_KEY_ALREADY_VERIFIED

    The recovery key has already been verified.

    Troubleshooting: Check the recovery key state using encrypt_recovery_key_list.