Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Administrator's Guide, Volume I
  5. Section II. Configuring hosts
  7. Configuring Host Properties
  9. Configuration options for NetBackup clients
  11. CRYPT_OPTION option for NetBackup clients
Veritas NetBackup™ Administrator's Guide, Volume I

CRYPT_OPTION option for NetBackup clients

The CRYPT_OPTION entry specifies the encryption options on NetBackup clients. NetBackup creates this entry automatically in the /usr/openv/netbackup/bp.conf file on a UNIX client when the bpinst_crypt command is run on the NetBackup master server.

The CRYPT_OPTION entry applies to clients with the NetBackup Encryption option installed.

See the NetBackup Security and Encryption Guide.

Do not alter the entry or create this file manually unless it was accidentally deleted.

Table: CRYPT_OPTION information

Usage

Description

Where to use

On NetBackup clients.

How to use

Use the nbgetconfig and the nbsetconfig commands to view, add, or change the option.

For information about these commands, see the NetBackup Commands Reference Guide.

Use the following format:

CRYPT_OPTION = type

The following values can be entered:

  • DENIED|denied

    Specifies that the client does not permit encrypted backups. If the server requests an encrypted backup, it is considered an error. This option is the default for a client that has not been configured for encryption.

  • ALLOWED|allowed

    Specifies that the client allows either encrypted or unencrypted backups.

  • REQUIRED|required

    Specifies that the client requires encrypted backups. If this value is specified and the server requests an unencrypted backup, it is considered an error.

This option should appear only once in the configuration file.

Equivalent Administration Console property

NetBackup Management > Host Properties > Double-click on client > Encryption.

More Information

Encryption properties

Feedback

Was this page helpful?
Previous

CRYPT_KIND option for NetBackup clients

Next

CRYPT_STRENGTH option for NetBackup clients

Feedback

Was this page helpful?