メインコンテンツまでスキップ
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

オンボードキー管理( OKM )を使用している場合:キークエリの実行時に、一部のノードに VEK が表示されません

Views:
65
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

環境

  • ONTAP 9.6
  • オンボードキーマネージャ( OTM )

問題

VEK は、実行時に一部のノードの下に表示されません "security key-manager key query"

Cluster::*> key-manager key query
  (security key-manager key query)

   Vserver: Cluster
 Key Manager: onboard
     Node: Cluster-01
  Key Server: ""

Key Tag                 Key Type  Restored
------------------------------------  --------  --------
Cluster-01               NSE-AK   true
   Key ID: 000000000000000002000000000001003260fcee69xxxx88155e8f9511a75680000000000000000
Cluster-01                NSE-AK   true
   Key ID: 00000000000000000200000000000100354a30c9xxxx1b4ea18d772a94dc398d0000000000000000
Cluster-01               SVM-KEK   true
   Key ID: 00000000000000000200000000000a002c38fab416e3d9xxx8c0876576160ff0000000000000000
Cluster-01               SVM-KEK   true
   Key ID: 00000000000000000200000000000a008a2aafe553axxxxc2f1d1429014c35c70000000000000000

   Vserver: Cluster
 Key Manager: onboard
     Node: Cluster-02
  Key Server: ""

Key Tag                 Key Type  Restored
------------------------------------  --------  --------
Cluster-02                NSE-AK   true
   Key ID: 000000000000000002000000000001003260fcee69xxxxd88155e8f9511a75680000000000000000
Cluster-02                NSE-AK   true
   Key ID: 00000000000000000200000000000100354a30c9xxxx1b4ea18d772a94dc398d0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500950bdf38a251b7xxxxac5acae751d5aa0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500a3896a2b6ab5xxxx6387c9b52c31005c0000000000000000
Cluster-02               SVM-KEK   true
   Key ID: 00000000000000000200000000000a002c38fab416e3d9xxxx8c0876576160ff0000000000000000
Cluster-02                SVM-KEK   true
   Key ID: 00000000000000000200000000000a008a2aafe553axxxxc2f1d1429014c35c70000000000000000
10 entries were displayed.

If any listed keys have "false" in the "Restored" column, run the "security key-manager external restore" command to restore the keys that are stored on an external key server and run the "security key-manager onboard sync" command to synchronize the keys that are part of the onboard key hierarchy.
 

ノードに次のキーが表示されないことを確認します。 Cluster-01 :

SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500950bdf38a251b7xxxxac5acae751d5aa0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500a3896a2b6ab5xxxx6387c9b52c31005c0000000000000000

 

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support