HP 8/8 Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2 - Page 229
fipsCfg, Con s FIPS Federal Information Processing Standards mode.
View all HP 8/8 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 229 highlights
fipsCfg 2 fipsCfg Configures FIPS (Federal Information Processing Standards) mode. Synopsis fipscfg --enable [fips | selftests] fipscfg --disable [fips | selftests] fipscfg --zeroize fipscfg --show | --showall fipscfg --force fips fipscfg --verify fips fipscfg --disable | --enable bootprom Description Use this command to configure FIPS mode in the switch. In this mode, only FIPS-compliant algorithms are allowed. As part of FIPS 140-2 level 2 compliance, passwords, shared secrets and the private keys used in SSL/TLS, system login, etc., need to be zeroized. Power-up self tests are executed when the switch is powered on to check for the consistency of the algorithms implemented in the switch. Notes Certain services and functions, such as FTP, HTTP, remote procedure calls (RPC), root account, boot prom access, etc., must be blocked for the system to enter FIPS mode. LDAP should not be configured while FIPS is enabled. The system must be rebooted for FIPS mode changes to take effect. Refer to the Fabric OS Administrator's Guide for information on configuring your system for FIPS 140-2 level 2 compliance. FIPS mode cannot be modified through configDownload. FIPS is not supported on all platforms. For FIPS-compliant hardware, refer to the Fabric OS Administrator's Guide. The execution of this command is subject to Admin Domain restrictions that may be in place. Refer to chapter 1, "Understanding Admin Domain Restrictions" and Appendix A, "Command Availability" for details. Operands This command has the following operands: --disable [fips | selftests] Disables FIPS or Selftests mode. Note: Selftests cannot be disabled when FIPS mode is enabled. --enable [fips | selftests] Enables FIPS or Selftests mode. Notes: Selftests must be enabled before FIPS mode is enabled. --zeroize Erases all passwords, shared secrets, private keys, etc. in the system. --show |--showall Displays the current FIPS configuration. Fabric OS Command Reference 203 53-1000599-02