Why doesn't the TSM client support transparent encryption
2006-09-14 23:09:38
I have a customer that requires all data to be encrypted. We started with the
file servers and that was easy enough. I just made sure to add the
encryptiontype and include.encrpyt entries to the dsm.opt file. I then backed
up a file and was promted for the key. We typed the key and everything is
encrypted. Having to type this key for every server is a real pain and it
eliminates the possibilty of completly automating the install.
Then we started working with encryption for the TDP for SQL. I see that it
uses the option enableclientencryptkey which actually generates a key
automatically and stores it on the TSM server. It also looks like that is a
function of the API. So, why in the heck can't I do the same thing with the
real BA Client. I'd like it to just automatically generate a key as well.
Then we can automate all the installs, never have to type a key and the data
will also be encrypted.
Unless I'm missing something and you can use that option with the BA Client
but there is zero mention of enableclientencryptkey in any of the BA client
manuals.
Now, I added the option to the BAClient dsm.opt. It started without erroring.
I ran q opt and it shows that it is set. From other reading I this is there
for the VSS backup capabilities. Anyway, even with the option set in that
dsm.opt file I still am prompted to provide a key.
Kyle
---------------------------------
Do you Yahoo!?
Get on board. You're invited to try the new Yahoo! Mail.
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Why doesn't the TSM client support transparent encryption,
TSM_User <=
|
|
|