Looking for some assistance here on a Dell server connected to a Dell tape robot with Redhat 5.4 and Netbackup 6.5.
Netbackup thinks the tapes are all present and working, but they are not - we lost the internal encryption keys earlier but think that they are reinstated as the server is now running.
We've had an issue on the system and the paths to all the LTO's are down so I'm looking to reinstate the paths using the
command.
Have run it several times with no joy, can someone that has used the command or seen this situation give me a heads up please.
Regards
Dave
---------- Post updated at 04:35 PM ---------- Previous update was at 04:32 PM ----------
Hi Guys,
This thread can be closed - it looks like after the encryption server restart - a GUI/Netbackup restart resolves the problem.
Regards
Dave
Last edited by gull04; 04-11-2014 at 12:33 PM..
Reason: Missing code tags
Dear People
I have removed some of my files and directories( by using rm and rmdir commands) by mistake. I wish to bring them back. How is it possible?( I am using solaris 2.6)
best regards
Reza Nazarian:( (2 Replies)
Howdy,
I'm trying to tar some directories to tape and then extract them from tape on another machine. I was hoping someone could help me with the syntax of the tar commands. Both machines are running Solaris 8.
Need to get all files and directories under the following:
... (6 Replies)
Hi guys and gir.. emm
hey guys! (only kidding girls)
I have been asked to provide a tutorial on how to perform an automatic back up (to tape) for 23 sun sparc workstations networked using an ethernet setup under the UNIX operating system.
Sounds easy enough to you... I've never ever seen... (4 Replies)
i have an ibm machine with dds4 drive running sco. i bought new hp dds4 tape for my back-up. the new tapes are not being read by the system, it says tape error, no such device. i've already clean the drive several times but still the same error occur. i've tried to use the same tape on our windows... (3 Replies)
I deleted my partition on a test server and want to
bring back the partition.
I have not rebooted yet, so system is operational.
I have the /proc/partition
major minor #blocks name
8 0 195359960 sda
8 1 1044224 sda1
8 ... (2 Replies)
Hi all,
I have a problem, when I use script with 'expect', accidentally I was deleted root account by "userdel root". Unfortunately, it works, because no other root user login on it. Solaris document said that root cannot delete root, but in my case it works because it deleted by script, not... (7 Replies)
hello
I have a problem with HP MSL2024 Library with redhat Enterprise 4,
tape is giving the below kernel errors on the system's messeges
kernel: st0: Error 70000 (sugg. bt 0x0, driver bt 0x0, host bt 0x7).
kernel: st0: Error with sense data: Info fld=0x10000, Deferred st0: sense key Medium... (3 Replies)
:confused:
when i tried to look the status of DNS-client, it is in maintenance mode.....
Please tell me how to bring it back to online mode...PLEASE TELL ME STEP BY STEP.... PLEASE...
:wall: (2 Replies)
Hello everbody
I changed one of my important files with a false sed statement by mistake now I lost my file and I hope I could bring it back
what I did was:
sed '/^..//' a > myfile
myfile should have been another file like b ot something I know I also forgot to place an 's' to the... (5 Replies)
Discussion started by: miriammiriam
5 Replies
LEARN ABOUT DEBIAN
keyfile
KEYFILE(5) AFS File Reference KEYFILE(5)NAME
KeyFile - Defines AFS server encryption keys
DESCRIPTION
The KeyFile file defines the server encryption keys that the AFS server processes running on the machine use to decrypt the tickets
presented by clients during the mutual authentication process. AFS server processes perform privileged actions only for clients that
possess a ticket encrypted with one of the keys from the file. The file must reside in the /etc/openafs/server directory on every server
machine. For more detailed information on mutual authentication and server encryption keys, see the OpenAFS Administration Guide.
Each key has a corresponding a key version number that distinguishes it from the other keys. The tickets that clients present are also
marked with a key version number to tell the server process which key to use to decrypt it. The KeyFile file must always include a key with
the same key version number and contents as the key currently listed for the "afs/cell" principal in the associated Kerberos v5 realm or
Authentication Database. (The principal "afs" may be used if the cell and realm names are the same, but adding the cell name to the
principal is recommended even in this case. "afs" must be used as the principal name if the cell uses the Authentication Server rather than
a Kerberos v5 realm.) The key must be a DES key; no stronger encryption type is supported.
The KeyFile file is in binary format, so always use either the asetkey command or the appropriate commands from the bos command suite to
administer it:
o The asetkey add or bos addkey command to add a new key.
o The asetkey list or bos listkeys command to display the keys.
o The asetkey delete or bos removekey command to remove a key from the file.
The asetkey commands must be run on the same server as the KeyFile file to update. The bos commands may be run remotely. Normally, new keys
should be added from a Kerberos v5 keytab using asetkey add. bos addkey is normally only used if the Authentication Server is in use
instead of a Kerberos v5 realm.
In cells that use the Update Server to distribute the contents of the /etc/openafs/server directory, it is customary to edit only the copy
of the file stored on the system control machine. Otherwise, edit the file on each server machine individually.
CAUTIONS
The most common error caused by changes to KeyFile is to add a key that does not match the corresponding key for the Kerberos v5 principal
or Authentication Server database entry. Both the key and the key version number must match the key for the corresponding principal, either
"afs/cell" or "afs", in the Kerberos v5 realm or Authentication Database. For a Kerberos v5 realm, that principal must only have DES
encryption types in the Kerberos KDC.
In the unusual case of using bos addkey to add a key with a known password matching a password used to generate Kerberos v5 keys, the keys
in the Kerberos v5 KDC database must use "afs3" salt, not the default Kerberos v5 salt. The salt doesn't matter for the more normal
procedure of extracting a keytab and then adding the key using asetkey.
SEE ALSO asetkey(8), bos_addkey(8), bos_listkeys(8), bos_removekey(8), kas_setpassword(8), upclient(8), upserver(8)
The OpenAFS Administration Guide at <http://docs.openafs.org/AdminGuide/>.
COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas
Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
OpenAFS 2012-03-26 KEYFILE(5)