The sm_rebond utility changes the secret phrase and re-encrypts the files affected by the secret. This utility prompts for the old secret phrase and the new phrase, then generates an imk.dat file and updates all the files containing encrypted information. This utility affects all of the applications that run on the same host and use the same imk.dat file.

Note:

The sm_rebond utility shuts down all of the processes run from the suite that were started by using sm_service or sm_serviced, and that use the same imk.dat file. The sm_rebond utility re-encrypts the security files and the seed files, then restarts the processes once the phrase and encryption changes are made. All other processes should be shut down manually before running the utility and restarted once the utility is finished.

To change the secret, perform the following steps:

  1. Use the sm_rebond utility. You must type this command with administrative privileges.

    sm_rebond --basedir=<base directory>
    
  2. When the utility prompts for the old secret phrase, type it.

  3. When the utility prompts for the new secret phase, type it. The secret phrase can consist of a combination of printable characters, integers and special characters. The secret phrase cannot be more than 1,024 characters long.

  4. Retype the new secret to confirm it.

  5. Close the utility.

    Note:

    The sm_rebond utility encrypts only files that reside in BASEDIR/smarts/local/conf and three levels of subdirectories below that. To encrypt files outside of that directory area, contact VMware Global Services.