19.5 Mounting Encrypted NSS Volumes with NSS Commands

You must enter a password only on the first activation following a system reboot. Thereafter, other environmental security and authentication measures control access to user data.

IMPORTANT:On Linux, the NSS Console (nsscon) does not support entering the password from the command line. You must mount the encrypted volume from NSSMU on the first time after a system reboot. Thereafter, you can use the commands in this section without supplying the password. For information, see Section 19.4, Mounting an Encrypted NSS Volume with NSSMU.

Syntax

The following table provides the syntax for NSS commands to use with encrypted volumes on subsequent mounts of the volume until the system reboots. Enter the commands from nsscon. In each case, replace volname with the name of the encrypted NSS volume.

You cannot use the wildcard option of all as the volname before an encrypted volume is mounted with its password following each system reboot. The All option does not find the volume and does not execute the command.

Table 19-1 Volume Mount Commands

Command

Description

mount volname

Mounts an encrypted or unencrypted NSS volume.

The mount command is usable for encrypted volumes only after a previous activation with password. Otherwise, it returns an error message, requesting more information.

mount all

Activates and mounts all encrypted NSS volumes that have been previously activated with their passwords.

Encrypted NSS volumes that were not previously activated are not mounted. Mount them from NSSMU, where you can provide the encryption password.

nss /volumes

Displays a list of encrypted and unencrypted NSS volumes, showing their attributes.

The encrypted volume returns a status of Encrypted.