Dell POWEREDGE M1000E User Manual

Page 241

Advertising
background image

Fabric OS Command Reference

213

53-1002746-01

cryptoCfg

2

-encrypt | -cleartext

Enables encryption or cleartext (no encryption). By default, cleartext is enabled.

-key_lifespan time_in_days | none

Specifies the lifespan of the encryption key in days. The key expires after the
specified number of days. The default value is none, which means the key does
not expire until the value is set. This parameter cannot be modified for tape pools
once it is set.

--delete -tapepool

Deletes the specified tape pool. This command is valid only on the group leader.
The following operand is required:

-label pool_label | -num pool_num

Specifies the tape pool by volume label or tape pool ID. Use the --show -tapepool
command for a listing of configured tape pools and their respective labels or IDs.

--modify -tapepool

Modifies the encryption policies of a specified tape pool. This command is valid
only on the group leader. The following operand is required:

-label pool_label | -num pool_num

Specifies the tape pool by volume label or tape pool ID. Use the --show -tapepool
command for a listing of configured tape pools and their respective labels or IDs.
To modify the label or pool number, you must delete and recreate the tape pool.

You may optionally modify the following tape policy parameters.

[-encryption_format native | DF_compatible]

[-encrypt | cleartext]

Refer to cryptocfg --create -tapepool for descriptions of these parameters.
Exercise caution when modifying tape pool policy parameters while tape sessions
are in progress. Refer to the Fabric OS Encryption Administrator's Guide for more
information.

--manual_rekey

Performs a manual rekeying of a specified LUN associated with a specified CTC.
Manual rekeying is performed in both online and offline fashion depending on
whether or not the host is online or host I/O is present. If any policy-based
rekeying operation is currently in progress, this command aborts with a warning
message. This command is valid only on the group leader.

The following operands are supported:

crypto_target_container_name

Specifies the name of the CTC to which this LUN belongs.

LUN_Num

Specifies the number of the LUN to be rekeyed. Use the --show -container
command for a list of LUN numbers associated with the specified CTC.

initiator_PWWN

Specifies the port WWN of the initiator for the specified LUN.

-include_mirror

Initiates a manual rekey on mirror LUN or on a primary LUN in read-only state.
This operand is required if the specified LUN is mirror LUN or a primary that has
been restored from an out-of-sync mirror LUN.

-all

Performs a manual rekey operation on all encrypted primary or nonreplicated
LUNs on the node that are in read-write state. This operation may take an
extended period of time.

Advertising
Popular Brands
Popular manuals