cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

bpkeyutil failed with bpkeyutil.c.374 error

Go to solution
thesunlover
Level 4

‎11-10-2011 11:44 AM

Hi, Here is a new issue with bpkeyutil:

nbserver# bpkeyutil -client bnclient
Enter new NetBackup pass phrase: *******
Re-enter new NetBackup pass phrase: *******
bpkeyutil.c.374: main: Function call RemoteCopy(webcore01) failed. Errno = 32

The server and the client are using the same patch versions. I've goolged it but found no useful result. So please help!

Thank you in advance!
 

 

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
CRZ
Level 6
Employee Accredited Certified

‎11-10-2011 12:13 PM

Well, that's the problem.  bpkeyutil is a command used with "standard" encryption and isn't used for "legacy" encryption, so you shouldn't be using it if that's what you've installed on your client.  (You'll also find that /usr/openv/netbackup/bin/bpkeyutil DOESN'T exist on the client because you have installed legacy encryption there.)

I don't know why you're going with the legacy (aka 5.x,  40 or 56 bit, or "not as secure") encryption when the 128 bit client encryption option should be available to you?
 

View solution in original post

0 Kudos
6 REPLIES 6

Go to solution
CRZ
Level 6
Employee Accredited Certified

‎11-10-2011 11:56 AM

Did you really type "bnclient" when you may have meant "nbclient" ?   :)  (I'm kidding, you have revealed your client's hostname in your command output)

I know you've probably said this in your other threads, but let me ask again in case you're using different clients in this thread: what's the version of NetBackup (AND Encryption) on the server and client?  What's the O/S of the server and the client?

Can you confirm Encryption has actually been installed on the client?  (In one of your other threads, you mentioned status code 9, which almost always means "Encryption hasn't been installed where you're looking") 

I suspect if you hop on that client and look, you won't find bpkeyutil on it.

0 Kudos

Go to solution
thesunlover
Level 4

‎11-10-2011 12:05 PM

Either bnclient or nbclient is just the client's hostname. I guess you guys are not interested in the real hostname:)

Yes. Encryption has been installed on the clients that under either SuSE Linux or Solaris 10.

-----------------------------------------------------

nbserver# bpinst -LEGACY_CRYPT -update_libraries -crypt_option required -crypt_strength des_56 nbclient
Update bpkeyfile
Update of extra alternate bit version of 40-bit DES library completed
Update of 40-bit DES library completed
Update of extra alternate bit version of 56-bit DES library completed
Update of 56-bit DES library completed
Executing nblu_registration on nbclient...
LiveUpdate is not installed, skipping registration step...
nblu_registration completed successfully on nbclient

nbserver# bpinst -LEGACY_CRYPT -crypt_option required -crypt_strength des_56 -policy_encrypt 1 -policy_names nbpolicy

nbserver# bpinst -LEGACY_CRYPT -verbose nbclient
BPCD protocol version 6.5.0 on client nbclient
40-bit library version is 3.1.0.40 on client nbclient
56-bit library version is 3.1.0.56 on client nbclient
BPCD platform is solaris10 for client nbclient
Current configuration entries are:
CRYPT_KEYFILE = /usr/openv/netbackup/keyfile
CRYPT_LIBPATH = /usr/openv/lib
CRYPT_OPTION = required
CRYPT_STRENGTH = des_56
V_PATH_SHARE = /usr/openv/share
No update of NetBackup configuration required for client nbclient
No update of NetBackup pass phrase required for client nbclient

nbserver# bppllist nbpolicy -U | grep -i encrypt
  Client Encrypt:      yes

0 Kudos

Go to solution
Tim_Hansen
Level 5
Certified

‎11-10-2011 12:07 PM

yeah the netbackup client level would be helpful. older unix client versions will have to have the encryption packages installed using:

 

bpinst –ENCRYPTION client1 client2

 

 

EDIT: lol nevermind, beat me to it

0 Kudos

Go to solution
CRZ
Level 6
Employee Accredited Certified

‎11-10-2011 12:13 PM

Well, that's the problem.  bpkeyutil is a command used with "standard" encryption and isn't used for "legacy" encryption, so you shouldn't be using it if that's what you've installed on your client.  (You'll also find that /usr/openv/netbackup/bin/bpkeyutil DOESN'T exist on the client because you have installed legacy encryption there.)

I don't know why you're going with the legacy (aka 5.x,  40 or 56 bit, or "not as secure") encryption when the 128 bit client encryption option should be available to you?
 

0 Kudos

Go to solution
thesunlover
Level 4

‎11-10-2011 12:28 PM

Legacy encryption is working fine on some other clients here. The key files were created by using bpkeyutil without problem.

0 Kudos

Go to solution
thesunlover
Level 4

‎11-10-2011 01:00 PM

You may be right. I've checked it out again and found the clients working fine with encryption were actually backed up by 'standard' encryption. I clearly remember that I set them up using legacy encryption. How could they switch to standard encryption? I haven't figured it out yet.

Thanks!

0 Kudos