WEB开发网
开发学院操作系统Linux/Unix AIX 6 加密文件系统(Encrypted File System),第... 阅读

AIX 6 加密文件系统(Encrypted File System),第 6 部分:备份与恢复

 2008-09-06 08:19:58 来源:WEB开发网   
核心提示: 删除原始 file1、file2 和 file3, user6 使用 restore 命令恢复所有的文件,AIX 6 加密文件系统(Encrypted File System),第 6 部分:备份与恢复(7),在进行恢复之后,所有的文件都保持了创建时的访问密钥, user6 可以使用活动密

删除原始 file1、file2 和 file3。

user6 使用 restore 命令恢复所有的文件。在进行恢复之后,所有的文件都保持了创建时的访问密钥。

正如 cat 命令所显示的,user6 仍然可以访问所有的文件。

正如 efskeymgr -D 和 efskeymgr -v 命令所显示的,已经删除了 key2,并将其从 user6 密钥存储库中删除。

再次删除 file1、file2 和 file3。

user6 使用 restore 命令成功地恢复了所有的文件。

正如 efskeymgr -o 和 efskeymgr -V 命令所显示的,任何新生成的 Shell 都不包含 key2。

user6 可以使用活动密钥 (key3) 访问 file3、使用已弃用的密钥 (key1) 访问 file1,但再不能够访问 file2,因为 key2 已经删除。

示例 4 除了文件之外还必须保存访问密钥

$ echo 1111 > file1
$ efsmgr -l file1
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :c566b5cf:04921ffa:1480a2bc:b34d48f3:c9cccb9c
$ efskeymgr -v
Keystore content:
Keystore owner ............: uid 208
Keystore mode .............: admin:managed by EFS administrator
Password changed last on ..: 05/11/07 at 16:10:19
Private key:
Algorithm :RSA_1024
Fingerprint :c566b5cf:04921ffa:1480a2bc:b34d48f3:c9cccb9c
Validity :This key is valid.
$ efskeymgr -R RSA_1024
$ efskeymgr -o ksh user6's EFS password:
$ touch file2
$ echo 2222> file2
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :ffcbef78:cf865d70:bfab5101:ab572d70:f3326d79
$ efskeymgr -R RSA_1024
$ efskeymgr -o ksh user6's EFS password:
$ echo 3333> file3
$ efsmgr -l file3
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :340e3449:a1fb5712:6163de83:02c08db1:400d830e
$ efskeymgr -v
Keystore content:
Keystore owner ............: uid 208
Keystore mode .............: admin:managed by EFS administrator
Password changed last on ..: 05/11/07 at 16:10:19
Private key:
Algorithm :RSA_1024
Fingerprint :340e3449:a1fb5712:6163de83:02c08db1:400d830e
Validity :This key is valid.
Private key:
Algorithm :RSA_1024
Fingerprint :ffcbef78:cf865d70:bfab5101:ab572d70:f3326d79
Validity :This key was deprecated on 05/11/07 at 16:41:27.
Private key:
Algorithm :RSA_1024
Fingerprint :c566b5cf:04921ffa:1480a2bc:b34d48f3:c9cccb9c
Validity :This key was deprecated on 05/11/07 at 16:33:10.
$ ls file*|backup -ivZf archive
Mount volume 1 on archive.
Press Enter to continue.
Backing up to archive.
Cluster 51200 bytes (100 blocks).
Volume 1 on archive
a 4096 file1
a 4096 file2
a 4096 file3
The total size is 12288 bytes.
Backup finished on Fri May 11 17:03:46 CDT 2007; there are 100 blocks on 1 volumes.
$ rm file*
$ restore -xvf archive
Please mount volume 1 on archive.
Press the Enter key to continue.
New volume on archive:
Cluster size is 51200 bytes (100 blocks).
The volume number is 1.
The backup date is:Fri May 11 17:03:45 CDT 2007
Files are backed up by name.
The user is root.
x 4096 file1
x 4096 file2
x 4096 file3
The total size is 12288 bytes.
The number of restored files is 3.
$ efsmgr -l file1
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :c566b5cf:04921ffa:1480a2bc:b34d48f3:c9cccb9c
$ efsmgr -l file2
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :ffcbef78:cf865d70:bfab5101:ab572d70:f3326d79
$ efsmgr -l file3
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :340e3449:a1fb5712:6163de83:02c08db1:400d830e
$ cat file*
1111
2222
3333
$ efskeymgr -D ffcbef78:cf865d70:bfab5101:ab572d70:f3326d79
$ efskeymgr -v
Keystore content:
Keystore owner ............: uid 208
Keystore mode .............: admin:managed by EFS administrator
Password changed last on ..: 05/11/07 at 16:10:19
Private key:
Algorithm :RSA_1024
Fingerprint :340e3449:a1fb5712:6163de83:02c08db1:400d830e
Validity :This key is valid.
Private key:
Algorithm :RSA_1024
Fingerprint :c566b5cf:04921ffa:1480a2bc:b34d48f3:c9cccb9c
Validity :This key was deprecated on 05/11/07 at 16:33:10.
$ rm file*
$ restore -xvf archive
Please mount volume 1 on archive.
Press the Enter key to continue.
New volume on archive:
Cluster size is 51200 bytes (100 blocks).
The volume number is 1.
The backup date is:Fri May 11 17:03:45 CDT 2007
Files are backed up by name.
The user is root.
x 4096 file1
x 4096 file2
x 4096 file3
The total size is 12288 bytes.
The number of restored files is 3.
$ efskeymgr -o ksh
$ cat file*
1111
cat:0652-050 Cannot open file2.
3333
示例 5 使用活动的用户密钥对文件进行重新加密
$ efskeymgr -v
Keystore content:
Keystore owner ............: uid 208
Keystore mode .............: admin:managed by EFS administrator
Password changed last on ..: 05/11/07 at 16:10:19
Private key:
Algorithm :RSA_1024
Fingerprint :340e3449:a1fb5712:6163de83:02c08db1:400d830e
Validity :This key is valid.
Private key:
Algorithm :RSA_1024
Fingerprint :c566b5cf:04921ffa:1480a2bc:b34d48f3:c9cccb9c
Validity :This key was deprecated on 05/11/07 at 16:33:10.
$ efsmgr -l file1
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :c566b5cf:04921ffa:1480a2bc:b34d48f3:c9cccb9c
$ efsmgr -e file1
$ efsmgr -l file1
EFS File information:
Algorithm:AES_128_CBC
List of keys that can open the file:
Key #1:
Algorithm :RSA_1024
Who :uid 208
Key fingerprint :340e3449:a1fb5712:6163de83:02c08db1:400d830e

上一页  2 3 4 5 6 7 

Tags:AIX 加密 文件

编辑录入:爽爽 [复制链接] [打 印]
赞助商链接