删除加密密钥是一种快速高效地使大量数据无法访问的方法。即使密钥仍在使用中也可以删除。如果密钥仍在使用,则将显示警告消息并需要确认删除。使用该密钥的所有共享资源或项目将取消共享,客户机无法再对其进行访问。
如果可能再次使用 LOCAL(本地)密钥访问其关联的共享资源,则在删除该密钥之前备份密钥名称和值。然后可以在以后执行恢复过程,如How to Restore a LOCAL Key (CLI)中所述。
使用以下过程删除 LOCAL(本地)或 OKM 加密密钥。
hostname:shares encryption local local_keys> destroy keyname=AKTEST_K1
This key has the following dependent shares:
    Pool2/local/BG1
    Pool2/local/BG1/BG3
    Pool2/local/BG1/fast1
    Pool2/local/default/BG2
Destroying this key will render the data inaccessible. Are you sure? (Y/N)
            hostname:> shares select test_project select test_share1
hostname:shares test_project/test_share1> get encryption keystore keyname keystatus
                   encryption = aes-128-ccm (inherited)
                      keystore = LOCAL (inherited)
                       keyname = AKTEST_K1 (inherited)
                     keystatus = unavailable
Errors:
            key_unavailable
            hostname:shares (pool-010) encryption local keys> select keyname=1 hostname:shares
       (pool-010) encryption local key-002> list
Properties:
                        cipher = AES
                       keyname = 1
hostname:shares (pool-010) encryption local key-002> list dependents DEPENDENTS
        pool-010/local/default/a hostname:shares (pool-010) encryption local key-002>