Uninstalling the HTCrypt Driver
Note: If you uninstall the HTCrypt Driver, the Policy Agent will need to detach a Linux disk before it can encrypt, decrypt, or rekey that disk.
- Log into the VM as
root. -
Run the appropriate command.
-
For RHEL or CentOS, run the command
rpm -e htcrypt. For example:# rpm -e htcrypt Uninstall of htcrypt module (version 4.2) beginning: -------- Uninstall Beginning -------- Module: htcrypt Version: 4.2 Kernel: 3.10.0-693.17.1.el7.x86_64 (x86_64) ------------------------------------- Status: Before uninstall, this module version was ACTIVE on this kernel. htcrypt.ko: - Uninstallation - Deleting from: /lib/modules/3.10.0-693.17.1.el7.x86_64/extra/ - Original module - No original module was found for this module on this kernel. - Use the dkms install command to reinstall any previous module version. Running the post_remove script: depmod.... Backing up initramfs-3.10.0-693.17.1.el7.x86_64.img to /boot/initramfs-3.10.0-693.17.1.el7.x86_64.img.old-dkms Making new initramfs-3.10.0-693.17.1.el7.x86_64.img (If next boot fails, revert to initramfs-3.10.0-693.17.1.el7.x86_64.img.old-dkms image) dracut................... DKMS: uninstall completed. ------------------------------ Deleting module version: 4.2 completely from the DKMS tree. ------------------------------ Done.
-
For Ubuntu, run the command
dpkg -r htcrypt-dkms. For example:# dpkg -r htcrypt-dkms (Reading database ... 169211 files and directories currently installed.) Removing htcrypt-dkms (5.40012345) ... -------- Uninstall Beginning -------- Module: htcrypt Version: 5.40012345 Kernel: 5.8.0-38-generic (x86_64) ------------------------------------- Status: Before uninstall, this module version was ACTIVE on this kernel. htcrypt.ko: - Uninstallation - Deleting from: /lib/modules/5.8.0-38-generic/updates/dkms/ - Original module - No original module was found for this module on this kernel. - Use the dkms install command to reinstall any previous module version. Running the post_remove script: depmod...... update-initramfs................. DKMS: uninstall completed. ------------------------------ Deleting module version: 5.40012345 completely from the DKMS tree. ------------------------------ Done.
At this point, the HTCrypt Driver status shows as "Not Installed" but it is still running on any disks that are currently attached.
-
-
If the root or swap disk is encrypted on this VM, you need to reboot the VM to completely remove the HTCrypt Driver from the VM.
If only data disks are encrypted on the VM, you can either reboot the VM or detach and then reattach all attached data disks to remove the HTCrypt Driver from those disks. To detach and reattach the disks, use the
hcl detach -aandhcl attach -acommands. For example:# hcl detach -a Encrypted device sdi7 detached; encrypted contents no longer visible Encrypted device sdi1 detached; encrypted contents no longer visible # hcl attach -a Encrypted device sdi7 (/dev/sdi7) attached; encrypted contents visible at /dev/mapper/clear_sdi7 Encrypted device sdi1 (/dev/sdi1) attached; encrypted contents visible at /dev/mapper/clear_sdi1
-
Verify the uninstallation by entering the
hcl statuscommand. For example:# hcl status Summary -------------------------------------------------------------------------------- KeyControl: 10.238.66.235:443 KeyControl list: 10.238.66.235:443 Status: Connected Last heartbeat: Wed Mar 21 13:50:45 2018 (successful) AES_NI: enabled Certificate Expiration: Sep 11 22:16:13 2020 GMT HTCRYPT: Not Installed
