Skip to main content
NetApp Knowledgebase

Installation of Ontap NODAR (No Data At Rest Encryption) image fails

Applies to

ONTAP 9.2
ONTAP 9.3
ONTAP 9.1
FAS2650, FAS6290, FAS80xx, FAS8200, AFF-A300

Issue

NVE is a software-based, data-at-rest encryption solution available starting with NetApp ONTAP® 9.1
For users who do not wish this solution to be available in their environment, NetApp also has provided a nodar (no data at rest encryption) image starting with ONTAP® 9.1P1 and later.
The Ontap  nodar image disables volume encryption.

ex:
91P1_q_nodar_image.tgz

If encrypted volumes have been created on the node, installation of the nodar image will fail on boot after takeover.


On reboot of the node after the NODAR image has been installed, the following disruption occurs:


Copyright (C) 1992-2018 NetApp.
All rights reserved.
*******************************
*                             *
* Press Ctrl-C for Boot Menu. *
*                             *
*******************************
cryptomod_fips: Executing Crypto FIPS Self Tests.
cryptomod_fips: Crypto FIPS self-test: 'CPU COMPATIBILITY' passed.
cryptomod_fips: Crypto FIPS self-test: 'AES-128 ECB, AES-256 ECB' passed.
cryptomod_fips: Crypto FIPS self-test: 'AES-128 CBC, AES-256 CBC' passed.
cryptomod_fips: Crypto FIPS self-test: 'CTR_DRBG' passed.
cryptomod_fips: Crypto FIPS self-test: 'SHA1, SHA256, SHA512' passed.
cryptomod_fips: Crypto FIPS self-test: 'HMAC-SHA1, HMAC-SHA256, HMAC-SHA512' passed.
cryptomod_fips: Crypto FIPS self-test: 'PBKDF2' passed.
cryptomod_fips: Crypto FIPS self-test: 'Self-integrity' passed.
Attempting to use existing varfs on /dev/nvrd1
Successfully loaded SVM keys.
Writing entropy file:.
Attempting to load onboard keys.
Successfully set the onboard keys.

[nodename:crypto.key.stored:notice]: Stored key with key ID 00000000000000000200000000000100425e48bfca4ab6b3656c930a881a1b9b0000000000000000.

[nodename:crypto.key.stored:notice]: Stored key with key ID 000000000000000002000000000001002ab1c0f174737346c582598dae1bbce70000000000000000.

[nodename:crypto.key.stored:notice]: Stored key with key ID 00000000000000000200000000000c00b47625503aa4784b1ce92625ab6beb2a0000000000000000.

PANIC  : Unable to decrypt data.

version: 9.3P4:


 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support