Dell POWEREDGE M1000E User Manual

Page 253

Advertising
background image

Fabric OS Command Reference

225

53-1002746-01

cryptoCfg

2

--transshow

Displays the pending database transaction for any device configurations invoked
earlier through the CLI or DCFM interfaces. The command displays the
transaction status (completed or pending), the transaction ID, and the transaction
owner (CLI or DCFM)

FUNCTION

6. Device decommissioning

SYNOPSIS

cryptocfg --help -decommission

cryptocfg --decommission -container container_name
 -initiator initiatator _PWWN -LUN LUN_num

cryptocfg --delete -decommissionedkeyids

cryptocfg --show -decommissionedkeyids

cryptocfg --show -vendorspecifickeyid key_ID

DESCRIPTION

Use these cryptoCfg commands to decommission a disk LUN in the event that the storage device is to
be reprovisioned, retired, or returned to the vendor. The decommission function renders all data on the
disk media inaccessible before decommissioning the device.

Device decommissioning deletes or renders invalid all important information including keys stored in the
key vault, on the chip, and from the various internal caches, and it erases the metadata on the media to
ensure that the data on the decommissioned device is irrecoverable.

The following restrictions apply to device decommissioning:

Devices not encrypted on the Brocade Encryption platform or devices in cleartext cannot be
decommissioned with this command.

All nodes in the encryption group must run Fabric OS v6.4.0 or later.

All nodes in the encryption group must run Fabric OS v7.1.0 or later when keyvault type is not set to
DPM or LKM.

All nodes in the encryption group must run Fabric OS v6.4.0 or later when keyvault type is set to
DPM or LKM.

Device decommissioning does not work across a reboot. Rebooting terminates an ongoing
decommissioning process and the command must be reissued after completing the reboot.

Device decommissioning is supported with the DPM, TKLM, KMIP, ESKM, TEKA, and LKM key
vaults.

Decommissioning of tape devices or snap drive volumes is currently no supported.

Decommissioning does not automatically delete the keys. You must manually delete the keys from
the key vault to complete the operation.

OPERANDS

This command has the following operands:

--help -decommission

Displays the command usage help for the device decommissioning commands.

Advertising
Popular Brands
Popular manuals