Seeding the new key server token
Backing up the token data
When transitioning from a full token to a new token,
You can back up the keys on the token from the RMI,
you can copy the highest numbered keys from the full
which requires the administrator password. During the
token to the new token to enable read operations from
token backup process, the autoloader or library will
tapes written with keys on the full token.
write the token information to a file in a secure format,
Keys are typically stored in the order that they were
which will be saved on the computer from which you
created. The new token has room for 100 keys. The
are running the browser with the RMI. After the file is
more keys that are copied from the full token, the fewer
written, the information can be restored to a different
keys can be created on the new token in the future.
Verify that no backup operations are in progress.
Log into the RMI Configuration: Security page or
MSL6480 Configuration > Encryption > USB —
Navigate to the Configuration > Encryption > USB
MSL Encryption Kit screen.
— MSL Encryption Kit screen.
Insert the full token into the USB port on the back
Expand the Key Management section.
of the autoloader or library, and enter the PIN.
Enter a password, which will be used to secure
the data file on the computer, in both fields. The
If the Number of Keys to Backup option is not
second password entry ensures that the password
visible, you must back up all keys on the token to
was typed correctly .
a file before creating a file with just some of the
keys. To back up the full token, see “Backing up
The password must be at least 8 characters and
the token data” (page 5).
no longer than 16 characters. The password must
contain at least one lower case letter, one upper
In the Back up Token to File pane, enter a
case letter, and at least two digits.
password, which will be used to secure the data
file on the computer, in both fields. The second
Click Save.
password entry ensures that the password was
typed correctly.
Autoloader and other libraries
Click Submit Token Backup File Password.
Navigate to the Configuration: Security page.
In the Number of Keys to Backup field, select the
In the Back up Token to File pane, enter a
number of keys to copy onto the new token. The
password, which will be used to secure the data
highest-numbered keys, which are normally the
file on the computer, in both fields. The second
most recent, will be copied. For example, if the
password entry ensures that the password was
token has 100 keys and you select 3, keys 98,
typed correctly.
99, and 100 will be copied.
The password must be at least 8 characters and
Click Save. The RMI will prompt you for the
no longer than 16 characters. The password must
location to save the file. Follow the instructions in
contain at least one lower case letter, one upper
the RMI.
case letter, and at least two digits.
Insert the new token into the USB port of the
Click Submit Token Backup File Password.
autoloader or library, and enter the PIN.
Click Save. The RMI will prompt you for the
Enter the password used to create the token
location to save the file. Follow the instructions in
backup file. Click Submit Token Restore File
the RMI.
10. Browse to the location of the token backup file
containing the seed keys. Click Restore. (The
Browse button will be active after the token restore
file password is submitted.)
11. If you paused write operations at the beginning
of the procedure, you can resume them.
