F - A P P E N D I X -

A P P E N D I X F

Zeroizing the Hardware

This appendix describes how to zeroize the Sun Crypto Accelerator 4000 board to the factory state which is the failsafe mode for the board.

Caution - You should use the procedures described in this appendix only if it is absolutely necessary. The zeroize command in vcaadm is appropriate if you need to remove all key material. Refer to Zeroizing a Sun Crypto Accelerator 4000 Board for details on the zeroize command. Also refer to the online manual pages for vcadiag(4) for removing all key material.

Note - The procedures described in this appendix remove the Sun Crypto Accelerator 4000 firmware. You will have to reinstall the firmware which is provided with the Sun Crypto Accelerator 4000 software.

Zeroizing the Sun Crypto Accelerator 4000 Hardware to the Factory State

In some situations, it may become necessary to return a board to failsafe mode, and clear it of all key material and configuration information. This can only be done by using the hardware jumper attached to the board.

Note - You can use the zeroize command with the vcaadm utility to remove all key material from a Sun Crypto Accelerator 4000 board. However, the zeroize command leaves any updated firmware intact. See Zeroizing a Sun Crypto Accelerator 4000 Board. Also refer to the vcadiag online manual pages.

To Zeroize the Sun Crypto Accelerator 4000 Board With the Hardware Jumper

1. Power off the system.

Note - For some systems, you can use dynamic reconfiguration (DR) to remove and replace the board as necessary for this procedure instead of powering off the system. Refer to the documentation delivered with your system for the correct DR procedures.

Caution - The board must not receive any electrical power while adjusting the jumper.

2. Remove the computer cover to get access to the jumper located at the top middle of the board.

3. Place the jumper on pins 0 and 1 of the jumper block.

Pins 0 and 1 are the pins closest to the bracket and labeled with a "Z." There are four sets of two pins and the jumper should only be placed on the 0 and 1 pin set as shown in FIGURE F-1.

Caution - You cannot use the Sun Crypto Accelerator 4000 board with the jumper on pins 0 and 1.

FIGURE F-1 Sun Crypto Accelerator 4000 Board Jumper Block Pins

Diagram of the hardware jumper pins located on the top middle of the board.

4. Power on the system.

Caution - When you power on the system after adjusting the Sun Crypto Accelerator 4000 board jumper, all firmware, key material, and configuration information is deleted. This process returns the board to the factory state and places the board in failsafe mode.

5. Power off the system.

6. Remove the jumper from pins 0 and 1 of the jumper block and store the jumper in the original location.

7. Power on the system.

8. Connect to the Sun Crypto Accelerator 4000 board with vcaadm.

vcaadm prompts you for a path to upgrade the firmware.

9. Type /opt/SUNWconn/cryptov2/firmware/sca4000fw as the path for installing the firmware.

The firmware is automatically installed and you are logged out of vcaadm.

10. Reconnect to Sun Crypto Accelerator 4000 board with vcaadm.

vcaadm prompts you to either initialize the board with a new keystore, or initialize the board to use an existing keystore. See Initializing the Sun Crypto Accelerator 4000 Board With vcaadm.