QUERY ENCRYPT

Read syntax diagramSkip visual syntax diagram Query ENCRYPT ALLPAGing

Authorization

Privilege Class: A, C, E

Purpose

Use the QUERY ENCRYPT command to determine the settings for host level encryption used by the z/VM® hypervisor.

Operands

ALL
lists settings for all the host services for which encryption is available.
PAGing
lists z/VM host level encryption settings for CP paging of guest memory and virtual-disk-in-storage (VDISK).

Usage Notes

  1. The QUERY ENCRYPT command lists host-level encryption configuration for both the initial system state and the current state. This information is provided for auditing purposes.
  2. For a record of any user IDs that changed their initial encryption setting, refer to monitor records or to auditing records from your External Security Manager.

Responses

Response 1: 

Encrypt Paging settings:
     Currently: Required AES256 
     At IPL: Off
Ready;

This response is issued when PAGING or ALL is specified on the QUERY ENCRYPT command. It displays the setting at the time of IPL, the present setting, and the current algorithm. The setting at the time of IPL is determined by the ENCRYPT configuration statement and can either be OFF (the default), ON, or REQUIRED. If the setting is ON or REQUIRED, the current encryption algorithm is also noted. The encryption setting can be changed with the SET ENCRYPT command; this setting can be OFF, ON, or REQUIRED. See SET ENCRYPT for more information about these settings.

Messages

  • HCP002E Invalid operand - operand
  • HCP003E Invalid option - {option|command contains extra option(s) starting with option}