Global Storage Forum


Unable to create FlashSystem USB Encryption Key via GUI

By Shawn Bodily posted yesterday

  

Over a few-month period from the end of 2024 until March or so of 2025 I performed ~5 IBM FlashSystem installs. The models were mostly FS5300 but this problem wasn't limited to just that model. Which means it most likely was a software code level issue, but yet I've never been able to find a known issue/defect about it.

Long story short, when creating the USB encryption keys the GUI would never acknowledge the USB keys were inserted to continue. Tried several different browsers and USB keys and none of them seemed to matter either. So ultimately the only way we were able to do so was via the CLI shared below. If anybody knows an exact level this affects I would gladly update this article to include it. Drop me an email at sbodily@cleartechnologies.net

The steps below are available at https://www.ibm.com/docs/en/flashsystem-9x00/9.1.0?topic=drives-enabling-encryption-usb-flash

To enable the encryption that uses USB flash drives, enter the following command:

chencryption -usb enable

Verify via the lsencryption command output as italicized below.

  • status enabled
  • error_sequence_number….

Insert the USB keys. Enter the following command to prepare a new USB master key:

chencryption -usb newkey -key prepare

The new key has been created successfully when the usb_rekey_filename field shows the name of the new key upon executing the lsencryption command, as shown below in italics.

  • status enabled
  • error_sequence_number
  • usb_rekey no
  • usb_key_copies 4
  • usb_key_filename encryptionkey_alphanum_alphanum_fsname
  • usb_rekey_filename
  • keyserver_status licensed
  • keyserver_rekey no_key
  • keyserver_pmk_uid
  • keyserver_pmk_rekey_uid
  • recovery_key_status enabled
  • recovery_key_rekey no
  • recovery_key_name recoverykey_alphanum_alphanum_fsname
  • recovery_key_rekey_name

After all copies are completed, run the following command to complete the enablement process:

chencryption -usb newkey -key commit
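
The check described in the steps above, as an added example that is not part of the original post or of IBM's documentation: a small shell gate that reads lsencryption output and refuses to proceed to the commit unless status is enabled and usb_rekey_filename is populated. It assumes the one-per-line "field value" layout shown in the post; the function names, the sample outputs and the SSH invocation in the comment are constructed for illustration.

```shell
#!/bin/sh
# Added example: gate "chencryption -usb newkey -key commit" on lsencryption output.
# Assumes the "field value" one-per-line layout shown in the post.

# Print the value of one field from lsencryption output on stdin (empty if blank).
ls_field() {
    awk -v f="$1" '$1 == f { $1 = ""; sub(/^[ \t]+/, ""); print; exit }'
}

# Return 0 only when the post's two conditions hold:
#   status is "enabled" and usb_rekey_filename names the prepared key.
ready_to_commit() {
    out=$1
    status=$(printf '%s\n' "$out" | ls_field status)
    rekey_file=$(printf '%s\n' "$out" | ls_field usb_rekey_filename)
    if [ "$status" != "enabled" ]; then
        echo "encryption status is '${status:-<missing>}', expected 'enabled'" >&2
        return 1
    fi
    if [ -z "$rekey_file" ]; then
        echo "usb_rekey_filename is empty: no prepared key, do not commit" >&2
        return 1
    fi
    echo "prepared key: $rekey_file"
}

# Constructed sample outputs (placeholders, not captured from a real system).
SAMPLE_NOT_PREPARED='status enabled
usb_rekey no
usb_key_copies 4
usb_key_filename encryptionkey_alphanum_alphanum_fsname
usb_rekey_filename'

SAMPLE_PREPARED='status enabled
usb_rekey_filename encryptionkey_newalphanum_newalphanum_fsname'

# On a real system the input would come from something like (assumed invocation):
#   ready_to_commit "$(ssh superuser@<cluster_ip> lsencryption)"
ready_to_commit "$SAMPLE_PREPARED"
ready_to_commit "$SAMPLE_NOT_PREPARED" || echo "commit blocked"
```

Once the commit has gone through, confirm that the USB drives actually hold the key file named in usb_key_filename before storing them.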


Comments

4 hours ago

We tried each of the 2 pairs of USBs that came with the Flash unit and a couple others we just had on us and got no joy from any of them as far as the GUI ever acknowledging they were there. We would back out of the screen and go back to it, try again, nada.


We had it happen on 3-4 installs in a row over probably the same amount of months and then not anymore since then.

5 hours ago

We had the same issue on a FS5045 yesterday but finally got it to work. Here is what we did: 

Inserted two USBs into flash. The USBs were not recognized.

Removed USBs and plugged into PC. Observed that one of the USBs had a file called SAINFO.txt (output of CLI command). Left the file there.

Inserted two different USBs into the flash. USBs were recognized and encryption keys written to USBs. 

Inserted the first pair of USBs that didn't work. This time the keys were written to that pair successfully.