Ask the Community
Groups
Migrate encryption Master Key file to a new appliance - Connect IT Community | Kaseya
<main> <article class="userContent"> <h2 data-id="summary"><strong>SUMMARY</strong></h2> <p>How to match encryption keys between a new and old Unitrends appliance.</p> <h2 data-id="issue"><strong>ISSUE</strong></h2> <p></p> <p>A new appliance has been installed to replace an existing unit and the encryption Master Key needs to be migrated over.</p> <h2 data-id="resolution"><strong>RESOLUTION</strong></h2> <p></p> <p>Copy the existing Master Key over to the new appliance.<br><br> </p> <div>Backup the Master Key file from the old unit and copy it to /var/lib/misc on the new appliance. Saving the master key file (crypt_image.iso) can be accomplished by burning the file to a CD or saving it to the local appliance samba share.</div> <ol><li>Open the Unitrends UI and select "Configure" on the left.</li> <li>On the Appliances tab, select "Edit"</li> <li>Select the Advanced tab.</li> <li>The following dialog box will be displayed:<br><img alt="Edit Appliance - Advanced" src="https://us.v-cdn.net/6032361/uploads/migrated/HDNA92ZF6IFU/eid-ka83r000000k9xs-feoid-00n40000003czoj-refid-0em40000000qzqj." width="80%" class="embedImage-img importedEmbed-img"></img></li> <li>Select "Save Master Key File"</li> <li>The Master Key file is an ISO image from which a file must be extracted by either burning the image to a disc or mounting the image as a virtual drive in Windows or on a Mac. Read all of the steps below before determining which option to choose: <ul><li>Burn the Master Key file to a CD using the Unitrends appliance. <ol><li>If your appliance has a CD drive, insert a blank disc and click "Continue". The file will be burned to the CD.</li> <li>Remove the CD from the appliance and insert it into a computer with network access to the new appliance's samba share.</li> <li>Copy the "CRYPTODATA" file from the CD to the samba share of the new appliance.</li> <li>Continue with "Install on New Appliance" below.</li> </ol></li> <li>Save the Master Key file to the local samba share. <ol><li>If your appliance has a CD drive, be sure the disc tray is empty.</li> <li>Click "Continue". The "crypt_image.iso" image will be saved to the local samba share.</li> <li>From a Windows (version 8 or higher) or Mac computer, browse to the local samba share.</li> <li>Mount the ISO file as a virtual drive (Not sure how? See third-party references for <a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fcommunity.spiceworks.com%2Fhow_to%2F12394-how-to-re-enable-iso-mounting-in-windows-8-file-explorer">Windows</a> and <a rel="nofollow" href="/home/leaving?allowTrusted=1&target=http%3A%2F%2Fwww.howtogeek.com%2Ftips%2Fhow-to-mount-an-iso-image-in-mac-os-x%2F">Mac</a>).</li> <li>Copy the "CRYPTODATA" file from the ISO image to the samba share of the new appliance.</li> <li>Continue with "Install on New Appliance" below.</li> </ol></li> </ul></li> </ol><h3 data-id="install-on-new-appliance"> <br>Install on New Appliance</h3> Once the "CRYPTODATA" file from the CD / ISO image has been copied to the samba share on the new appliance: <ol><li>Open the Unitrends UI on the new appliance and select "Configure" on the left.</li> <li>On the Appliances tab, select "Edit"</li> <li>Select the Advanced tab.</li> <li>Disable encryption by unchecking "Enable Encryption"</li> <li>SSH into the new appliance.</li> <li>Make a backup copy of the existing Master Key file: <pre class="code codeBlock" spellcheck="false" tabindex="0"> # cd /var/lib/misc # mv cryptoDaemonMasterKeys cryptoDaemonMasterKeys.old </pre> </li> <li>Rename and copy the "CRYPTODATA" file from the samba share to /var/lib/misc: <pre class="code codeBlock" spellcheck="false" tabindex="0"> # cd /backups/samba/ # mv CRYPTODATA cryptoDaemonMasterKeys # mv cryptoDaemonMasterKeys /var/lib/misc/</pre> </li> <li>Restart the Unitrends services: <pre class="code codeBlock" spellcheck="false" tabindex="0"> # /etc/init.d/bp_rcscript stop # /etc/init.d/bp_rcscript start</pre> </li> <li>From the Unitrends UI, re-enable encryption and enter the identical passphrase that was used on the old unit.</li> </ol><h2 data-id="tasks"><strong>TASKS</strong></h2> <p></p> <div> </div> <ol></ol> </article> </main>