ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Tivoli Encryption Questions

2006-06-28 10:06:51
Subject: Re: Tivoli Encryption Questions
From: Andrew Raibeck <storman AT US.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 28 Jun 2006 08:11:00 -0600 
> 1) What type of encryption is used for Tivoli passwords stored in
> the Windows Registry?

Currently DES-56 is used.

> 2) If a password is set for the Tivoli Encryption on a node, can
> that password ever be changed or does the same password always have
> to be used for the life of the data backed up.  For example, you
> backup and encrypt your files with password xxxxxx stored in the
> windows registry.  Can you change that password at some point to
> yyyyyy and be able to restore that data

Yes and no. Yes with the xxxxxx key, no with the yyyyyy key.

> or is xxxxxx forever linked
> to that encrypted data?

Correct. If you back up a file with encryption key xxxxxx, subsequently
change the key at a later date, then when you try to restore the file, you
will be prompted to enter the correct encryption key (xxxxxx). If you do
not know the correct key, then you will not be able to restore or retrieve
the data. THERE IS NO "BACK DOOR". So be careful about changing encryption
keys, as it is up to you to manage and track them.

Regards,

Andy

Andy Raibeck
IBM Software Group
Tivoli Storage Manager Client Development
Internal Notes e-mail: Andrew Raibeck/Tucson/IBM@IBMUS
Internet e-mail: storman AT us.ibm DOT com

IBM Tivoli Storage Manager support web page:
http://www-306.ibm.com/software/sysmgmt/products/support/IBMTivoliStorageManager.html

The only dumb question is the one that goes unasked.
The command line is your friend.
"Good enough" is the enemy of excellence.

"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 06/21/2006
10:16:38 AM:

> I have a couple of questions regarding encryption from TSM.
>
> 1) What type of encryption is used for Tivoli passwords stored in
> the Windows Registry?
>
> 2) If a password is set for the Tivoli Encryption on a node, can
> that password ever be changed or does the same password always have
> to be used for the life of the data backed up.  For example, you
> backup and encrypt your files with password xxxxxx stored in the
> windows registry.  Can you change that password at some point to
> yyyyyy and be able to restore that data or is xxxxxx forever linked
> to that encrypted data?
>
> Thanks,
>
> Jeremy Curtis
> Backup Administator
> Vail Resorts, Inc.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  AW: [ADSM-L] clients hanging sometimes, Thomas Rupp
Next by Date:  [no subject], Robin Sharpe
Previous by Thread:  Tivoli Encryption Questions, Jeremy Curtis
Next by Thread:  Re: Tivoli Encryption Questions, Wira Chinwong
Indexes:  [Date] [Thread] [Top] [All Lists]