Brocade Fabric OS Command Reference (Supporting Fabric OS v7.3.0) User Manual

196

Fabric OS Command Reference

53-1003131-01

cryptoCfg

2

To export the master key to a file:

SecurityAdmin:switch> cryptocfg --exportmasterkey -file

Enter the passphrase: **********

Master key file generated.

To export the master key file to an external host:

SecurityAdmin:switch> cryptocfg --export -scp \

-currentMK 192.168.38.245 mylogin GL_MK.mk

Password:*************

Operation succeeded.

To recover the master key from the key vault to the current location:

SecurityAdmin:switch> cryptocfg --recovermasterkey currentMK -keyID \

bd:ae:2d:0b:b9:1a:ad:18:0d:eb:fe:c9:67:ed:29:b0

Enter the passphrase: passphrase

Recover master key status: Operation succeeded.

To display the saved key IDs associated with a repeatedly exported master key

SecurityAdmin:switch> cryptocfg --show \

-mkexported_keyids e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:93

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:94

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:95

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:96

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:97

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:98

e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:99

Operation Succeeded.

To display the encryption group configuration:

SecurityAdmin:switch> cryptocfg --show -groupcfg

Encryption Group Name: system_test

Failback mode: Auto

Replication mode: Disabled

Heartbeat misses: 3

Heartbeat timeout: 2

Key Vault Type: LKM

System Card: Disabled

Primary Key Vault:

IP address: 10.32.49.200

Certificate ID: 3D2-LKM3-B05-200

Certificate label: LKM200

State: Connected

Type: LKM

Secondary Key Vault:

IP address: 10.32.49.201

Certificate ID: 3D2-LKM4-B05-201

Certificate label: LKM201

State: Connected

Type: LKM

Additional Primary Key Vault Information::