Important

   

This documentation space contains information about PATROL Agents when deployed in a BMC Helix Operations Management environment. If you are a TrueSight Operations Management user, see PATROL Agent 20.08.

Setting the AES encryption key size for the PATROL Agent

PATROL Agents use the Advanced Encryption Standard with Galois/Counter Mode (AES-GCM) encryption to decrypt the BMC Helix Operations Management policy passwords. AES is more secure than its predecessors Data Encryption Standard (DES) and triple DES, as the algorithm is stronger, uses longer key lengths, and enables faster encryption than DES. PATROL Agent supports AES in two key sizes: 256-bit and 128-bit. By default, the PATROL Agent is AES 256-bit compliant.

Note

Current version of the PATROL Agent is backward compatible with the older encryption mechanisms. By default, current version of the PATROL Agent encrypts the data in AES format. If the pre-existing data is encrypted using older encryption mechanism, such as DES, the data is decrypted and re-encrypted in AES format in the current version.

To set the AES encryption size

Due to import regulations in some countries, AES 256-bit encryption is not allowed. You need to select the appropriate encryption key size by setting the BMC_TS_KEY_SZ environment variable as shown in the following code block:

#Microsoft Windows
set BMC_TS_KEY_SZ=128
   
#Unix
export BMC_TS_KEY_SZ=128

Note

  •  BMC_TS_KEY_SZ environment variable can be set to either 128 or 256 depending on the requirement.

Was this page helpful? Yes No Submitting... Thank you

Comments