Cryptocfg help command output, Management lan configuration – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 150

Advertising
background image

130

Fabric OS Encryption Administrator’s Guide (DPM)

53-1002922-01

Cryptocfg Help command output

3

Cryptocfg Help command output

All encryption operations are done using the cryptocfg command. The cryptocfg command has a
help output that lists all options.

switch:admin> cryptocfg --help

Usage: cryptocfg

--help -nodecfg:

Display the synopsis of node parameter configuration.

--help -groupcfg:

Display the synopsis of group parameter configuration.

--help -hacluster:

Display the synopsis of hacluster parameter configuration.

--help -devicecfg:

Display the synopsis of device container parameter configuration.

--help -transcfg:

Display the synopsis of transaction management.

switch:admin> cryptocfg --help -nodecfg

Usage: cryptocfg

--help -nodecfg:

Display the synopsis of node parameter configuration.

--initnode:

Initialize the node for configuration of encryption options.

--initEE [<slotnumber>]:

Initialize the specified encryption engine.

--regEE [<slotnumber>]:

Register a previously initialized encryption blade.

--reg -membernode <member node WWN> <member node certfile> <IP addr>:

Register a member node with the system.

--reg -groupleader <group leader WWN> <group leader certfile> <IP addr>:

Register a group leader node with the system.

(output truncated)

Management LAN configuration

Each encryption switch has one GbE management port. In the case of a DCX Backbone chassis
with FS8-18 blades installed, management ports are located on the CP blades. The management
port IP address is normally set as part of the hardware installation. A static IP address should be
assigned. To eliminate DNS traffic and potential security risks related to DHCP, DHCP should not be
used.

For encryption switches and blades, the management port is used to communicate with a key
management system, and a secure connection must be established between the management
port and the key management system. All switches you plan to include in an encryption group must
be connected to the key management system. Only IPv4 addressing is currently supported. All
nodes, including the key management system, must use the same version of IP addressing.

Advertising
Popular Brands
Popular manuals