You can change the Encryption Key periodically as per the organization compliance policy to ensure safety and security of the data.

Prerequisites

  1. Verify that you have root user credentials for the VMware Skyline Health Diagnostics appliance.

  2. For more information about enabling the root user log in to the VMware Photon OS, see: https://vmware.github.io/Photon/assets/files/html/3.0/Photon_troubleshoot/permitting-root-login-with-ssh.html (This configuration is not necessary for the VMware Skyline Health Diagnostics appliance as by default it is configured to allow root user log in through SSH).

  3. Verify that you can log in using root credentials to the VMware Skyline Health Diagnostics appliance console.

  4. Verify that you have shd-admin user credential for the VMware Skyline Health Diagnostics appliance.

  5. Verify that you have the current and the new Encryption Key for the Credential Store

Procedure

  1. Open the Skyline Health Diagnostics appliance console using the VMware vSphere client or Secure Shell (SSH) client.
  2. Log in as root user.
  3. Run the command shd-config credmanager
  4. Provide Password for shd-admin user at the prompt.
  5. Select the Option number for Rekey the Credential Store option, if you know the current encryption key and want to change it.
  6. Enter the current encryption key.
  7. Enter the new encryption key you want to set.
  8. Confirm the new encryption key .
  9. Once the rekey operation finishes, restart the vmware-shd service using command systemctl restart vmware-shd.

    Time required to complete the re-key operation will vary depending on the number of profiles stored in the Credential Store.

Results

The encryption key is changed for the Credential Store.

What to do next

Save the passphrase at the secured place to refer it later.