Brocade Fabric OS Command Reference (Supporting Fabric OS v7.3.0) User Manual

64

Fabric OS Command Reference

53-1003131-01

authUtil

2

To enable Sha256 hash type:

sha256 hash type is recommended for FIPS configuration.

switch:admin> authutil --set -h sha256

Hash is set to sha256.

switch:admin> authutil --show

AUTH TYPE HASH TYPE GROUP TYPE

--------------------------------------

fcap,dhchap sha256 1

Switch Authentication Policy: PASSIVE

Device Authentication Policy: OFF

To set DH group 3:

switch:admin> authutil --set -g 3

DH Group was set to 3.

To set all DH groups to be specified in the authentication negotiation in the order of 0, 1, 2, 3, and 4:

switch:admin> authutil --set -g "*"

DH Group is set to 0,1,2,3,4

To set the Switch policy to active mode:

switch:admin> authutil --policy -sw active

Warning: Activating the authentication policy requires

either DH-CHAP secrets or PKI certificates depending

on the protocol selected. Otherwise, ISLs will be

segmented during next E-port bring-up.

ARE YOU SURE (yes, y, no, n): [no] y

Auth Policy is set to ACTIVE

To set the Device policy to passive mode:

switch:admin> authutil --policy -dev passive

Warning: Activating the authentication policy requires

DH-CHAP secrets on both switch and device. Otherwise,

the F-port will be disabled during next F-port

bring-up.

ARE YOU SURE (yes, y, no, n): [no] y

Device authentication is set to PASSIVE

To set the device authentication policy to "on" mode:

switch:admin> authutil --policy -dev on

Warning: Activating the authentication policy requires

DH-CHAP secrets on both switch and device. Otherwise,

the F-port will be disabled during next F-port

bring-up.

ARE YOU SURE (yes, y, no, n): [no] y

Device authentication is set to ON

2008/03/24-23:13:06, [AUTH-1003], 112,, INFO, Stealth_3,

Device authentication type has been successfully set to ON