Using Remote Keystore

The encryption keystore provides centralized management of volume encryption passwords. This feature allows you to store and manage encryption passwords securely, simplifying the process of unlocking encrypted volumes.

Managing Encryption Passwords

Adding Passwords to Keystore

You can add encryption passwords to the Encryption Keystore in two ways:

• During volume creation, switch on the Save key in Encryption Store toggle.

• In the key management interface for existing volumes, if the Enable encryption toggle was on during volume creation and the volume key has not been saved in the keystore.

To add a password for an existing volume:

1. Navigate to System > System Settings tab > Encryption Keystore pane.

1. Click Manage keys. The Manage Keys dialog will open.

1. Click Add key next to the volume for which you want to add the encryption key. The Add Encryption Key dialog will open.

1. Type the encryption key specified when creating the volume.

2. Click Save.

Removing Passwords from Keystore

To remove a stored password:

1. Navigate to System Settings > Security and Network.

2. Click Manage keys in the Encryption Keystore pane.

3. Hover over the desired volume.

Unlocking Encrypted Volumes

To unlock a volume whose encryption key is stored in the Encryption Keystore:

1. Select the volume from the volumes list.

2. Select Unlock. The Volume Unlock dialog will open.

3. Instead of specifying the volume’s encryption key, select Unlock using stored key.

If you prefer not to use the stored password, you can still unlock volumes by entering the encryption password manually.

Security Considerations

• The Encryption Keystore must be properly configured before storing or using encryption passwords.

• Removing a password from the keystore does not affect the volume’s encryption settings.

• All passwords stored in the Encryption Keystore are encrypted.