Problem: Can't enable EFS on the system
# efsenable -a
/usr/lib/drivers/crypto/clickext: A file or directory in the path name does not exist.
Unable to load CLiC kernel extension. Please check your installation.
Solution:
Install CLiC filesets from AIX Expansion Pack CD
clic.rte
installp -l -d clic.rte
Fileset Name Level I/U Q Content
====================================================================
clic.rte.includes 4.3.0.0 I N usr
# CryptoLite for C Library Include File
clic.rte.kernext 4.3.0.0 I N usr,root
# CryptoLite for C Kernel
clic.rte.lib 4.3.0.0 I N usr
# CryptoLite for C Library
2) Problem: Can't view user's key:
$ efskeymgr -v
Problem initializing EFS framework.
Please check EFS is installed and enabled (see efsenable) on you system.
Error was: (EFS was not configured)
Solution:
Enable EFS on the system:
# efsenable -a
and give root's password when it asks for root's initial keystore.
3) Problem: Can't enable encryption inheritiance on a directory.
# efsmgr -E testdir
or
Can't enable encryption on a specific file
# efsmgr -e myfile
Problem initializing EFS framework.
Please check EFS is installed and enabled on you system.
Error was: (EFS was not configured)
Solution:
Make sure CLiC filesets are installed
Enable EFS on the system
Enable EFS and RBAC on the filesystem:
# chfs -a efs=yes /myfilesystem
4) Problem: Have enabled EFS on a filesystem but get error mounting:
# mount /efstest
The CLiC library (libclic.a) is not available. Install clic.rte and run 'efsenable -a'.
Solution:
Install CLiC filesets
Enable EFS on the system
Remount the filesystem
5) Problem: No encryption algorithms show up!
# efsenable -q
List of supported algorithms for keystores:
1
2
3
List of supported ciphers for files:
1
2
3
4
5
6
Solution:
Install CLiC filesets
# efsenable -q
List of supported algorithms for keystores:
1 RSA_1024
2 RSA_2048
3 RSA_4096
List of supported ciphers for files:
1 AES_128_CBC
2 AES_192_CBC
3 AES_256_CBC
4 AES_128_ECB
5 AES_192_ECB
6 AES_256_ECB
# efsenable -a
/usr/lib/drivers/crypto/clickext: A file or directory in the path name does not exist.
Unable to load CLiC kernel extension. Please check your installation.
Solution:
Install CLiC filesets from AIX Expansion Pack CD
clic.rte
installp -l -d clic.rte
Fileset Name Level I/U Q Content
====================================================================
clic.rte.includes 4.3.0.0 I N usr
# CryptoLite for C Library Include File
clic.rte.kernext 4.3.0.0 I N usr,root
# CryptoLite for C Kernel
clic.rte.lib 4.3.0.0 I N usr
# CryptoLite for C Library
2) Problem: Can't view user's key:
$ efskeymgr -v
Problem initializing EFS framework.
Please check EFS is installed and enabled (see efsenable) on you system.
Error was: (EFS was not configured)
Solution:
Enable EFS on the system:
# efsenable -a
and give root's password when it asks for root's initial keystore.
3) Problem: Can't enable encryption inheritiance on a directory.
# efsmgr -E testdir
or
Can't enable encryption on a specific file
# efsmgr -e myfile
Problem initializing EFS framework.
Please check EFS is installed and enabled on you system.
Error was: (EFS was not configured)
Solution:
Make sure CLiC filesets are installed
Enable EFS on the system
Enable EFS and RBAC on the filesystem:
# chfs -a efs=yes /myfilesystem
4) Problem: Have enabled EFS on a filesystem but get error mounting:
# mount /efstest
The CLiC library (libclic.a) is not available. Install clic.rte and run 'efsenable -a'.
Solution:
Install CLiC filesets
Enable EFS on the system
Remount the filesystem
5) Problem: No encryption algorithms show up!
# efsenable -q
List of supported algorithms for keystores:
1
2
3
List of supported ciphers for files:
1
2
3
4
5
6
Solution:
Install CLiC filesets
# efsenable -q
List of supported algorithms for keystores:
1 RSA_1024
2 RSA_2048
3 RSA_4096
List of supported ciphers for files:
1 AES_128_CBC
2 AES_192_CBC
3 AES_256_CBC
4 AES_128_ECB
5 AES_192_ECB
6 AES_256_ECB
No comments:
Post a Comment