bpkeyutil

bpkeyutil — run the key file utility that is used for NetBackup standard encryption

SYNOPSIS

<admin_dir_path>bpkeyutil [-stdin | -insert | -delete] [-display] [-client client_name1[,client_name2,...]] [-M server]

On Windows systems, <admin_dir_path> is <install_path>\NetBackup\bin\admincmd\

AVAILABILITY

The bpkeyutil command is available only with the NetBackup Encryption option.

DESCRIPTION

The bpkeyutil command updates a key file that contains the keys that are used for encryption and decryption. The keys are generated based on the private NetBackup pass phrases that you supply. The key file is encrypted by using a key. The NetBackup client software uses an encryption key from the key file to encrypt files during a backup or decrypt files during a restore.

OPTIONS

-stdin

Reads pass phrases from standard input. By default, bpkeyutil reads the pass phrases that you are prompted to input from your terminal window.

-insert

Inserts a new NetBackup pass phrase to the key file to encrypt NetBackup backups and archives on this client.

-delete

Deletes an existing pass phrase from the key file.

-display

Displays information about the key file.

-client client_name1[,client_name2,...,client_namen]

Name of the client where the key file resides. The default is the local client. You may specify multiple client names that are separated by commas. You can only use this argument if you are a NetBackup administrator.

-M server

Name of the master server of the client. The default is the master server defined in the local client's configuration. You can only use this argument if you are a NetBackup administrator on the specified master server.

NOTES

Note the following items when you use the bpkeyutil command:

  • The bpkeyutil command is used for standard encryption.

  • The key file must be the same on all nodes in a cluster.

FILES

Client encryption key file:

Windows systems: install_path\NetBackup\var\keyfile.dat