ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • security key-manager create-key

    (DEPRECATED)-Create a new authentication key

    Availability: This command is available to cluster administrators at the admin privilege level.

    Description

    This command is deprecated and may be removed in a future release. Use security key-manager key create instead.

    This command creates a new authentication key (AK) and stores it on the configured key management servers. The command fails if the configured key management servers are already storing more than 128 AKs. If command fails due to more than 128 keys in cluster, delete unused keys on your key management servers and try the command again. This command is not supported when the Onboard Key Manager is enabled.

    Parameters

    [-key-tag <text>] - Key Tag

    This parameter specifies the key tag that you want to associate with the new authentication key (AK). The default value is the node name. This parameter can be used to help identify created authentication keys (AKs). For example, the key-manager query command key-tag parameter can be used to query for a specific key-tag value.

    [-prompt-for-key {true|false}] - Prompt for Authentication Passphrase

    If you specify this parameter as true, the command prompts you to enter an authentication passphrase manually instead of generating it automatically. For security reasons, the authentication passphrase you entered is not displayed at the command prompt. You must enter the authentication passphrase a second time for verification. To avoid errors, copy and paste authentication passphrases electronically instead of entering them manually. Data ONTAP saves the resulting authentication key/key ID pair automatically on the configured key management servers.

    Examples

    The following example creates an authentication key with the node name as the default key-tag value:

    cluster-1::> security key-manager create-key
    
    Verifying requirements...
    
    Node: node1
    Creating authentication key...
    Authentication key creation successful.
    Key ID: 00000000000000000200000000000100D0F7C2462D626B739FE81B89F29A092F.
    
    Node: node2
    Key manager restore operation initialized.
    Successfully restored key information.

    The following example creates an authentication key with key-tag "disk1-key":

    cluster-1::> security key-manager create-key -key-tag disk1-key
    
    Verifying requirements...
    
    Node: node1
    Creating authentication key...
    Authentication key creation successful.
    Key ID: 00000000000000000200000000000100B8297A6189BC24B9B84C1916ED576857.
    
    Node: node2
    Key manager restore operation initialized.
    Successfully restored key information.

    The following example creates an authentication key with a user-specified authentication passphrase:

    cluster-1::> security key-manager create-key -prompt-for-key true
    
    Enter a new passphrase::
    
    Reenter the passphrase::
    
    Verifying requirements...
    
    Node: node1
    Creating authentication key...
    Authentication key creation successful.
    Key ID: 000000000000000002000000000001006268333F870860128FBE17D393E5083B.
    
    Node: node2
    Key manager restore operation initialized.
    Successfully restored key information.
    Top of Page