You cannot progress past this step until you make at least
two more copies of the USB flash drive.
IBM® provides two more USB
flash drives when the encryption feature code is purchased. You can
make as many copies of the USB flash drive as you like. You must make
a minimum of two copies so that you have at least three USB flash
drives in total.
Warning: At system startup (power
on) or to access an encrypted system, the encryption key must be provided
by an outside source so that the system can be accessed. The encryption
key is read from the USB flash drives that store copies of the keys
that were created during system initialization. If you want the system to reboot automatically,
a USB flash drive with the encryption keys must be left inserted in
each of the canisters, so that both canisters have access to the encryption
key when they power on. This method requires that the physical environment
where the system is located is very secure, so no unauthorized person
could make copies of encryption keys on the USB flash drives and gain
access to data stored on the system. For
the most secure operation, do not keep the USB flash drives inserted
into the canisters on the system. However, this method requires that
you manually insert the USB flash drives that contain copies of the
encryption key in both canisters before rebooting the system. The
encryption key is required to access encrypted data, and resides only
on the USB flash drive copies and on any additional copies made on
other forms of storage. The encryption key cannot be recovered or
regenerated by IBM if all user-maintained copies are lost or unrecoverable.