How do I backup the agent communication encryption keys in the NetIQ UNIX Agent Manager? (NETIQKB48080)

  • Document ID:7748080
  • Creation Date:02-Feb-2007
  • Modified Date:09-Mar-2010
    • Micro Focus Products:
      Secure Configuration Manager

Environment

Failing to backup the UNIX Agent encryption keys when moving UNIX systems to a new UNIX Agent Manager console instance will require the end user to remove the generated psek security keys from each UNIX Agent he/she wishes to manage.

Situation

How do I backup the agent communication encryption keys in the NetIQ UNIX Agent Manager?

Resolution

To save the encryption key of one or more agents, complete the following steps:

  1. Open the NetIQ UNIX Agent Manager.
  2. Click Agent Manager.
  3. Click Edit Hosts in the Hosts menu.
  4. Select the hosts whose encryption keys you want to save.
  5. Click Export Selected.
  6. Type a name for the .psh file and click Save.

The .psh file should be backed up or moved to a secure location. It is also important to back up or secure the file digest in the .\vsau directory. This digest holds agent encryption information and the password for the Unix Manager console.

You can use the Edit Hosts > Import Hosts option to open the .psh file and quickly restore the hosts list. In addition, if the file digest is corrupted or lost, the .psh file will restore the agents.

Cause

The UNIX Agent Manager communicates to UNIX Agent's via a unique, randomly generated encryption key on first communication.  Attempting to connect to a UNIX Agent via more then one console without importing the keys will not work as additional console instances will be unaware of the randomly generated encryption key.

Additional Information

Formerly known as NETIQKB48080