We have a group of TSM clients which has been encrypting its backup
data using the ENCRYPTKEY=SAVE option. Now the administration of
those clients is moving to a different team, and the old team does not
wish to give the new team the original encryption key because it is
used for several dozen other clients. However, the new team may need
to restore files backed up with the old key. Is there a way to remove
or replace the encryption key on already backed-up files?
If the ENCRYPTKEY option was changed to GENERATE would that
retroactively change the encryption key on the already backed up files
so they could be restored by the new team? If not, is there another
solution?
Our TSM server is running on Linux at release 5.5.3. The Linux TSM
clients are at release 5.3, but would be upgraded to 5/5 to utilize
ENCRYPTKEY=GENERATE.
Thank you,
Keith Arbogast
Indiana University
|