AIX

 View Only

  • 1.  AIX - Encrypted Logical Volume (ELV)

    Posted Mon September 16, 2024 11:50 PM

    hi there,

    I am currently exploring the ELV feature on AIX. From an operational standpoint, I would like to understand how master key rotation is managed for existing ELVs. Are there any specific tools, methods, or best practices to follow? Additionally, how do current IBM AIX customers typically handle periodic key rotation to meet their security compliance requirements?



    ------------------------------
    Allan Song
    ------------------------------


  • 2.  RE: AIX - Encrypted Logical Volume (ELV)

    Posted Wed September 18, 2024 11:00 AM

    Hi Allan,

    You can add new passphrase authentication method with the new password and delete the old one, this can be done without decrypting the LV.

    Thanks,

    \Madan



    ------------------------------
    Madan Chukka
    ------------------------------

    Original Message


  • 3.  RE: AIX - Encrypted Logical Volume (ELV)

    Posted Wed September 18, 2024 11:00 AM

    Hi Allan, 

    You can add a new passphrase authentication method with a new password and delete the old one. This can be done without decrypting the LV.

    Thanks,

    \Madan



    ------------------------------
    Madan Chukka
    ------------------------------

    Original Message


  • 4.  RE: AIX - Encrypted Logical Volume (ELV)

    Posted Wed September 18, 2024 10:55 PM

    Thanks Madan for your sharing. 

    I have just found from IBM support that the development team is working on adding an authchange feature, expected in the AIX 7.3 TL4 release in 2025, with an RFE to track progress.



    ------------------------------
    Allan Song
    ------------------------------

    Original Message