Efsdecrypt

The efsdecrypt option allows you to control whether or not files encrypted by an AIX® Encrypted File System (EFS) are read in encrypted or decrypted format.

The efsdecrypt option default is no, which is to back up the encrypted or raw data. If you specify yes, the files are backed up as clear text, which means that they are backed up as normal files, as if the files existed in unencrypted form on the file system.

Important: Whenever you run a backup that includes any files encrypted on an EFS, you must ensure that you use the correct specification of the efsdecrypt option. If the efsdecrypt option value changes between two incremental backups, all encrypted files on EFS file systems are backed up again, even if they have not changed since the last backup. For example, if you are running an incremental backup of encrypted files that were previously backed up as "raw," then ensure that efsdecrypt is specified as no. If you change efsdecrypt to yes, all the files are backed up again in clear text even if they are unchanged, so ensure that you use this option carefully.

Note: This is a global option that is applied to the complete backup. Two separate invocations of the client are required to back up some encrypted files as raw data and others as clear text.

Supported Clients

This option is valid for AIX clients.

Options File

Place this option in the dsm.sys file or the client user-options file (dsm.opt). In the dsm.sys file, you must place this option within a server stanza.

Syntax


               .-No--.   
>>-EFSDecrypt--+-----+-----------------------------------------><
               '-Yes-'

Parameters

No: Encrypted files are read in encrypted or raw data format, and Tivoli® Storage Manager encryption and compression is forced off. This is the default.
Yes: Encrypted files are read in decrypted or clear text format.

Examples

Options file:: EFSDecrypt yes
Command line:: -EFSDecrypt=no