Recovering Access to KeyControl Compliance Manager

There are times when you will need to recover your KeyControl Compliance Manager system, such as when you increase the number of CPUs allotted to a server, change the network hardware address, migrate KeyControl Compliance Manager to a different host, or restore from a backup to a newly-created VM. The system recovery process prevents rogue administrators from making unauthorized changes to, or copies of, KeyControl Compliance Manager disks.

Select the method you want to use to recover your system. The options are:

Option	Description
Recovery using Keypart Upload	Allows you to upload the minimum number of required Admin Key parts that were sent to the Security Admins in the system. If you select this option, the KeyControl Compliance Manager webGUI displays the Recover Admin Key page. To upload a part, click Browse and select the appropriate `recovery_key` file. The Browse button should change to show the name of the selected file. When the correct file is displayed, click Upload file. Make sure that all Admin Key parts you upload have the same generation count. This information can be found in the email accompanying the Admin Key part. For details, see Downloading your Admin Key. When the required number of parts have been uploaded, KeyControl Compliance Manager recovers the system and displays the Recovery Success message. Click Proceed to return to the login page.
Recovery using Passphrase	Allows you to recover your system when you are using passphrase-based authentication. If you select this option, the KeyControl Compliance Manager webGUI displays the Recovery Passphrase page. Enter your passphrase and click Recover. For more information, see Startup Authentication.

Option

Description

Recovery using Keypart Upload

Allows you to upload the minimum number of required Admin Key parts that were sent to the Security Admins in the system. If you select this option, the KeyControl Compliance Manager webGUI displays the Recover Admin Key page.

To upload a part, click Browse and select the appropriate recovery_key file. The Browse button should change to show the name of the selected file. When the correct file is displayed, click Upload file.

Make sure that all Admin Key parts you upload have the same generation count. This information can be found in the email accompanying the Admin Key part. For details, see Downloading your Admin Key.

When the required number of parts have been uploaded, KeyControl Compliance Manager recovers the system and displays the Recovery Success message. Click Proceed to return to the login page.

Recovery using Passphrase

Allows you to recover your system when you are using passphrase-based authentication. If you select this option, the KeyControl Compliance Manager webGUI displays the Recovery Passphrase page. Enter your passphrase and click Recover. For more information, see Startup Authentication.