Zeroizing the Hardware

A P P E N D I X E

This appendix describes how to perform a hardware zeroize of the Sun Crypto Accelerator 6000 Board, which returns the board to the factory state. When the board is returned to the factory state, it is in Failsafe mode.

Caution - You should perform a hardware zeroize only if it is absolutely necessary. If you need to remove all key material only, perform a software zeroize with the zeroize command in the scamgr program. See Perform a Software Zeroize on the Board. Also refer to the online manual pages for scadiag(4) regarding removing all key material.

Note - Performing a hardware zeroize on the board removes the Sun Crypto Accelerator 6000 firmware. You will have to reinstall the firmware which is provided with the Sun Crypto Accelerator 6000 software.

Zeroizing the Sun Crypto Accelerator 6000 Hardware to the Factory State

In some situations, it might become necessary to return a board to failsafe mode, and clear it of all key material and configuration information. This can only be done by using a standard SCSI hardware jumper (shunt).

Note - You can use the zeroize command with the scamgr program to remove all key material from a Sun Crypto Accelerator 6000 Board. However, the zeroize command leaves any updated firmware intact. See Perform a Software Zeroize on the Board. Also refer to the scadiag(4) online manual pages.

Zeroize the Sun Crypto Accelerator 6000 Board With a Hardware Jumper

1. Power off the system.

Note - For some systems, you can use dynamic reconfiguration (DR) to remove and replace the board as necessary for this procedure instead of powering off the system. Refer to the documentation delivered with your system for the correct DR procedures.

Caution - The board must not receive any electrical power while adjusting the jumper.

2. Remove the computer cover to get access to the jumper, which is located at the top middle of the board.

3. Place the jumper on pins 0 and 1 of the jumper block.

Pins 0 and 1 are the pins closest to the top of the board. There are three sets of two pins. Place the jumper on the 0 and 1 pin set as shown in FIGURE E-1.

Caution - The board does not function with the jumper on pins 0 and 1.

FIGURE E-1 Hardware Jumper Block Pins

4. Power on the system.

Caution - When you power on the system after adjusting the hardware jumper, all firmware, key material, and configuration information is deleted. This process returns the board to the factory state and places the board in Failsafemode.

5. Power off the system.

6. Remove the jumper from pins 0 and 1 of the jumper block and store the jumper in the original location.

Note - You can safely store the jumper on pins 3 and 5. This location does not affect any operation of the board

7. Power on the system.

8. Connect to the Sun Crypto Accelerator 6000 Board with scamgr.

scamgr prompts you for a path to upgrade the firmware.

9. Type /opt/SUNWconn/cryptov2/firmware/sca6000fw as the path for installing the firmware.

The firmware is automatically installed and you are logged out of scamgr.

10. Reconnect to Sun Crypto Accelerator 6000 Board with scamgr.

scamgr prompts you to either initialize the board with a new keystore, or initialize the board to use an existing keystore. See Initializing the Board With scamgr.