Dell POWEREDGE M1000E User Manual

Fabric OS Command Reference

157

53-1001764-02

cryptoCfg

2

--

set -quorumsize

Sets the quorum size used to authenticate functions that require a quorum of
authentication cards. The default value is zero. You can set the quorum size
only if the current value is zero. Note that this value is different from the
recovery set size that specifies the number of recovery shares used to
perform Master Key recovery. When quorum authentication is enabled
(Quorum Size is > 0), this operation requires authentication of a quorum of
authentication cards.

value

Specifies the quorum size. Valid values are 0 (quorum authentication is
disabled) and 1-5 (quorum authentication is enabled). This operand is
required.

--

set -systemcard

enable | disable

Enables or disables the system card usage policy. When the policy is enabled,
a system card is required to be inserted in an encryption engine to enable
encryption after a power-cycle event. When quorum authentication is enabled
(Quorum Size is > 0), this operation requires authentication of a quorum of
authentication cards. The policy is by default disabled. This command must
be executed on the group leader.

. --set -replication enable | disable

Enables or disables replication-specific features. You must enable replication
before you can use replication-specific features such as the -newLUN,
-include_mirror, or the

--

refreshDEK command. Replication is disabled by

default; it must be enabled on the group leader.

--

add -membernode

Adds the specified member node to the existing encryption group. The
member node is specified by its node WWN. This command is valid only on
the group leader. Initial setup on the node must be performed prior to adding
the node to an encryption group.

This command is required only when a node that was earlier part of
encryption group (online and DISCOVERED) was ejected or left the encryption
group and is now added back to that encryption group. A member node that
is online during registration is added automatically to the encryption group.
The following operand is required:

node_WWN

Specifies the WWN of the node to be added back to the encryption group.

--

eject -membernode

Removes a member node from the existing encryption group. The node is
specified by its node WWN. This command is valid only on the group leader.
The node must be online (in DISCOVERED state) for this command to
succeed. To remove a node that is not online (in DISCOVERING State), use
--

dereg -membernode. You must remove the EEs from the HA cluster and

delete any Crypto Target container/LUN configurations from this node before
ejecting the node or the command fails. The following operand is required
when ejecting a member node:

node_WWN

Specifies the node WWN of the node to be removed from the encryption
group.