ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • security key-manager key create

    Create a new authentication key

    Availability: This command is available to cluster administrators at the admin privilege level.

    Description

    This command creates a new authentication key (AK) and stores it on the the admin Vserver’s key management servers. The command fails if the configured key management servers are already storing more than 256 AKs. If this command fails because there are more than 256 AKs in the cluster, delete unused keys on the Vserver’s key management servers and retry the command. This command is not supported when external key management is not enabled for the admin Vserver.

    Parameters

    [-key-tag <text>] - Key Tag

    This parameter specifies the key tag to associate with the new authentication key (AK). The default value is the node name. This parameter can be used to help identify created authentication keys (AKs). For example, the security key-manager key query command’s key-tag parameter can be used to query for a specific key-tag value.

    [-prompt-for-key {true|false}] - Prompt for Authentication Passphrase

    If you specify this parameter as true, then the command prompts you to enter an authentication passphrase manually instead of generating it automatically. For security reasons, the authentication passphrase you entered is not displayed at the command prompt. You must enter the authentication passphrase a second time for verification. To avoid errors, copy and paste authentication passphrases electronically instead of entering them manually. Data ONTAP saves the resulting authentication key/key ID pair automatically on the configured key management servers.

    Examples

    The following example creates an authentication key with the node name as the default key-tag value:

    cluster-1::> security key-manager key create
    Key ID: 00000000000000000200000000000100d0f7c2462d626b739fe81b89f29a092f0000000000000000

    The following example creates an authentication key with a user-specified authentication passphrase:

    cluster-1::> security key-manager key create -prompt-for-key true
    Enter a new passphrase:
    Reenter the passphrase:
    Key ID: 000000000000000002000000000001006268333f870860128fbe17d393e5083b0000000000000000
    Top of Page