The recommended method to change the secret phrase for an deployment is to run the sm_rebond utility in each installation area. Under certain circumstances, you can use one machine to create and encrypt the different configuration files as well as the imk.dat file.
It is best to do the propagation before the other applications are started. If you want to propagate the files and the server has started but there are no SNMP V3 passwords in use, replace the connection configuration files. If you are using SNMP V3 passwords, you will need to replace the connection configuration files, delete the existing repository files (*.rps), and restart the server.
An alternative to propagating all of the files is to propagate imk.dat, then run it for each file requiring security on each installation:
sm_edit --noedit <filename>