Removing a Disk from KeyControl Vault

The following procedure explains how to remove a disk from KeyControl Vault when you don't care about its contents. If you want to save the contents, you need to decrypt the disk before you remove it from KeyControl Vault. For details, see Decrypting a Disk Using the webGUI or Decrypting a Disk Using the CLI.

Important: This operation is destructive. You will lose all encrypted data that is stored on the disk.

1. For Linux, log into the VM as root. For Windows, log in as a System Administrator and open a Command Prompt or start Windows PowerShell.
2. Unmount the disk you want to remove.

3. Enter the command hcl rm [-y] <diskname | -a>, where:

   • -y makes the command non-interactive.
   • diskname | -a is the name of the disk that you want to remove or -a to remove all disks on the VM that are registered with KeyControl Vault. For Linux, use the short form of the disk name (for example, sdb1 instead of /dev/sdb1). For Windows, specify the drive letter or folder mount associated with the disk.

   DataControl issues an implicit hcl detach command and unregisters the disk(s) with KeyControl Vault. Any keys associated with the disk(s) are deleted and any encrypted data is now inaccessible.

   For example:

   # hcl rm sdd1
   WARNING: Removal of devices will cause any data stored on them to be permanently lost.
   Do you want to proceed? (y/n) y
   
   Removed device sdd1