Configuration Tool - Using a List File Parent topic

Before you begin

Ensure that at least one device is prepared and available on the target machine.
This method is similar to the method found in Configuration Tool - Provisioning Script, except that in this method, a user can create a configuration list file before provisioning devices which sets details about those devices in advance, such as whether a user wants to erase or preserve data on the devices, or which mount points to assign the devices to after encryption.
Tip
Tip
This method is most appropriate for encrypting multiple devices at once, but with certain devices requiring different specifications than the others in the set.

Procedure

  1. Navigate to the appropriate directory:
    • On Microsoft Windows, click Start and type cmd to open a command shell, then type cd C:\Program Files (x86)\Trend Micro\SecureCloud\Agent\
    • On Linux, type cd /var/lib/securecloud/
  2. Create a configuration list text file in this directory and edit its file contents.
    You will call this file at a later time directly, so it does not need a specific name. Trend Micro recommends using an appropriate name for its purpose, such as devicelist.txt.
    Use the example below. Create or remove devices as necessary.
    [Device1]
    DEVICE_NAME=
    MOUNT_POINT=
    FILESYSTEM=
    EXISTING_DATA=
    
    [Device2]
    DEVICE_NAME=
    MOUNT_POINT=
    FILESYSTEM=
    EXISTING_DATA=
    Important
    Important
    Device headers must start at [Device1] and must be continuous ([Device1], [Device2], [Device3], and so on). Device headers must be written in exactly this format: [Device1]
  3. Specify information about the devices within the text file.
    Refer to the following table to determine what values should be written in each location, depending on the operating system of the devices.

    Configuration List Valid Values

    Line Name
    Description
    Windows Values
    Linux Values
    DEVICE_NAME
    Name of the device to encrypt.
    Example:
    harddisk1
    Example:
    /dev/sda
    MOUNT_POINT
    Assigns the device to a specific mount point.
    You may type auto_assign here to instruct SecureCloud to automatically assign an available mount point.
    Note
    Note
    If EXISTING_DATA=erase, this line is mandatory, but if EXISTING_DATA=preserve, omit this line.
    Example:
    G
    Example:
    /mnt/G
    FILESYSTEM
    Determines which file system to format the device into.
    You may type auto_assign here to instruct SecureCloud to automatically assign the default value.
    The default values are as follows:
    • Windows file system: NTFS
    • Linux file system: EXT3
    Note
    Note
    If EXISTING_DATA=erase, this line is mandatory, but if EXISTING_DATA=preserve, omit this line.
    • fat32
    • NTFS
    • ext3
    • ext4
    • xfs
    EXISTING_DATA
    Determines whether SecureCloud should erase or preserve the existing data during encryption.
    If EXISTING_DATA=preserve, omit the lines for MOUNT_POINT and FILESYSTEM.
    • erase
    • preserve
    This is an example of a completed Windows configuration device list entry:
    [Device1]
    DEVICE_NAME=harddisk1
    MOUNT_POINT=G
    FILESYSTEM=NTFS
    EXISTING_DATA=erase
    
    [Device2]
    DEVICE_NAME=harddisk2
    EXISTING_DATA=preserve
    
    This is an example of a completed Linux configuration device list entry:
    [Device1]
    DEVICE_NAME=/dev/sda
    MOUNT_POINT=/mnt/G
    FILESYSTEM=xfs
    EXISTING_DATA=erase
    
    [Device2]
    DEVICE_NAME=/dev/sdb
    EXISTING_DATA=preserve
  4. Run the appropriate SecureCloud Agent provisioning script.
    • On Microsoft Windows, type scprov prov -c <device_list> -x <passphrase>
    • On Linux, type ./scprov.sh prov -c <device_list> -x <passphrase>
    Note
    Note
    On Linux systems, parameters are case sensitive.
    The SecureCloud Agent uses the encryption key provided by the Key Management Server to encrypt the devices attached to this machine.