Saving A Security KeyYou save an externally storable copy of the security key when the security key is first created and each time it ischanged. You can create additional storable copies at any time. To save a new copy of the security key, you mustprovide a pass phrase. The pass phrase you choose does not need to match the pass phrase used when the security keywas created or last changed. The pass phrase is applied to the particular copy of the security key you are saving.To save the security key for the storage array,1. In the AMW toolbar, select Storage Array → Security → Physical Disk Security → Save Key.The Save Security Key File - Enter Pass Phrase window is displayed.2. Edit the default path by adding a file name to the end of the path or click Browse, navigate to the required folderand enter the name of the file.3. In Pass phrase, enter a string for the pass phrase.The pass phrase must meet the following criteria:– It must be between eight and 32 characters long.– It must contain at least one uppercase letter.– It must contain at least one lowercase letter.– It must contain at least one number.– It must contain at least one non-alphanumeric character (for example, < > @ +).The pass phrase that you enter is masked.4. In Confirm pass phrase, re-enter the exact string you entered in Pass phrase.Make a record of the pass phrase you entered. You need it for later secure operations.5. Click Save.6. Make a record of the security key identifier and the file name from the Save Security Key Complete dialog, and clickOK.Validate Security KeyA file in which a security key is stored is validated through the Validate Security Key dialog. To transfer, archive, or backup the security key, the RAID controller module firmware encrypts (or wraps) the security key and stores it in a file. Youmust provide a pass phrase and identify the corresponding file to decrypt the file and recover the security key.Data can be read from a security enabled physical disk only if a RAID controller module in the storage array provides thecorrect security key. If security enabled physical disks are moved from one storage array to another, the appropriatesecurity key must also be imported to the new storage array. Otherwise, the data on the security enabled physical disksthat were moved is inaccessible.See the online help topics for more information on validating the security key.Unlocking Secure Physical DisksYou can export a security enabled disk group to move the associated physical disks to a different storage array. Afteryou install those physical disks in the new storage array, you must unlock the physical disks before data can be readfrom or written to the physical disks. To unlock the physical disks, you must supply the security key from the originalstorage array. The security key on the new storage array is different and cannot unlock the physical disks.You must supply the security key from a security key file that was saved on the original storage array. You must providethe pass phrase that was used to encrypt the security key file to extract the security key from this file.71