Unencrypting Data
You can use either of the following methods to unencrypt your data. The first requires you to copy the files to a temporary directory and the second requires you to use dataxform on the host system.
Copy Method
-
Stop all applications accessing the GuardPoint.
-
Log on as a user who can see clear text for all files in the GuardPoint.
-
Copy all files from the GuardPoint to a new directory that is not guarded.
-
In your key manager, unguard the GuardPoint. Make sure that it does not display in the key manager.
-
Delete all files in the original directory.
-
Copy all files from the unguarded/clear text directory to the original directory.
-
Start any application once all files have finished copying.
Note
Do not rename directories. This will not result in unencrypting directories.
Dataxform Method
-
Stop any application accessing the GuardPoint.
-
In your key manager, clone the original policy that you used to encrypt the data.
-
In the cloned policy, reverse the keys. Put the original key in for the key_selection rule and the clear_key in for the transformation rule.
-
Guard the directory you want to unencrypt with the cloned policy.
Note
Make sure the status is green before you guard with that policy.
-
Run
dataxform --cleanup
on the GuardPoint:# dataxform --cleanup --gp /<dirName>
For example:
# dataxform --cleanup --gp /DataSecurity/myDir
-
On the host system, run
dataxform --rekey
on the GuardPoint:# dataxform --rekey --gp /<dirName> --preserve_modified_time
For example:
# dataxform --rekey --gp /DataSecurity/mydir --preserve_modified_time
-
In your key manager, unguard the Guard Point.
The data should now be in clear text (unencrypted).