I understand Bosses very well ...ha ha ha
Encryption keys are safely stored inside of the Backup Exec database (BEDB) in an encrypted
format. The pass phrase itself is not stored in the database; only the key generated by the pass
phrase is stored
Following is the process involved in the same
1. The Backup Exec 11d media server sends the encryption keys to the Backup Exec Remote
Agent installed on the client system. The keys are protected via asymmetric encryption during
this transfer.
2. Data is encrypted at the Backup Exec 11d Remote Agent client with symmetric encryption
using the specified AES 128-bit or 256-bit key.
3. Data is sent encrypted over the network to the Backup Exec 11d media server and written to
the backup device specified in the backup job.
If a Backup Exec database becomes corrupted on a media server and is replaced by a new
database, you must manually re-create all of the encryption keys that were stored on the original
database. If you move a database from one media server to another, the encryption keys remain
intact as long as the new media server has the same user accounts and is in the same domain as
the original media server.