Enabling encryption – Dell POWEREDGE M1000E User Manual

408

Fabric OS Administrator’s Guide

53-1002745-02

Encryption and compression examples

14

Are you done? (yes, y, no, n): [no] y
Saving data to key store... Done.

myswitch:admin> secauthsecret --show
WWN

DId

Name

-----------------------------------------------
10:00:00:05:1e:e5:cb:00

150

dcx_150

myswitch:admin>

Activate authentication

After you set up the DH-CHAP secrets, you activate DH-CHAP authentication.

myswitch:admin> authutil --policy -sw active
Warning: Activating the authentication policy requires either DH-CHAP secrets or
PKI certificates depending on the protocol selected. Otherwise, ISLs will be
segmented during next E-port bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Auth Policy is set to ON
myswitch:admin> authutil --show
AUTH TYPE

HASH TYPE

GROUP TYPE

--------------------------------------
dhchap

md5

4

Switch Authentication Policy: ON
Device Authentication Policy: OFF
myswitch:admin>

Enabling encryption

Next, you enable encryption on port 0. Note that the first attempt fails because the port is currently
enabled. This example uses the portCfgShow command to check the result. Notice that the output
shows encryption to be enabled on the port.

myswitch:admin> portcfgencrypt --enable 0
Please disable port to configure Encryption/Compression.
myswitch:admin> portdisable 0
myswitch:admin> portcfgencrypt --enable 0
Turning ON Encryption on port(246) will cause the port to be disabled during next
LOGIN
myswitch:admin> portenable 0
myswitch:admin> portcfgshow 0
Area Number:

0

Octet Speed Combo:

3(16G,10G)

Speed Level:

AUTO(SW)

AL_PA Offset 13:

OFF

Trunk Port

ON

Long Distance

OFF

VC Link Init

OFF

Locked L_Port

OFF

Locked G_Port

OFF

Disabled E_Port

OFF

Locked E_Port

OFF

ISL R_RDY Mode

OFF

RSCN Suppressed

OFF

Persistent Disable

OFF

LOS TOV enable

OFF

NPIV capability

ON

QOS E_Port

AE

Port Auto Disable:

OFF