HP StorageWorks 2/16V HP StorageWorks SAN Switch 2/8V, 2/16V, 2/16N Fabric OS - Page 16

SAN Switch 2/8V, SAN Switch 2/16V and SAN Switch, Security: Secure mode

Get HP StorageWorks 2/16V - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/16V manuals
Add to My Manuals
Save this manual to your list of manuals

Page 16 highlights

Important Notes Table 4: Fabric OS Area Information (Continued) Fabric OS Area Security: PKICERT utility, installing certificates Security: selectelnet Security: Secure mode Security: Secure mode, passwd Telnet Security: SLAP counter Description PKICERT v1.0.6 is the most current version of the PKICERT utility. When running the PKICERT utility to install switch certificates in a fabric that did not previously contain switch certificates, select the option to specify that certificates are installed on only those switches that do not currently contain certificates. SAN Switch 2/8V, SAN Switch 2/16V and SAN Switch 2/16N models are delivered with switch certificates preinstalled. Switches that were originally shipped with Fabric OS v2.5, v3.x, and v4.x and have never installed and enabled Secure Fabric OS do not have certificates installed. If you need to reinstall switch certificates, follow these guidelines: ■ The host running PKICERT v1.0.6 must be connected to a proxy switch running Fabric OS v2.6.2, v3.1.2, or v4.2. ■ All switches in the fabric can run v2.6.1, v3.1, v4.1 or newer firmware. If you try to log in to a switch through a sectelnet client while that switch is in the process of either booting or shutting down, you might see the message, Random number generation failed. The message is printed by the sectelnet client because the switch Telnet service is not running (the service has either already been shut down (if the switch is shutting down), or is not yet established (if the switch is booting). If the switch is booting, wait a few seconds and try again. If an upgrade from Fabric OS v4.x to v4.1 or v4.2 is performed, followed by a downgrade to Fabric OS v4.x and upgrade back to Fabric OS v4.1 or v4.2, the switch password state is reset and prompts the user for new Secure mode passwords. CAUTION: Using the passwd Telnet command in Secure mode to change the password results in all sessions using that password being logged out, including the session that changed the password. This is expected behavior. The session terminates if you change the password in Secure mode. The SLAP counter is designed to work when all the switches in the fabric are in Secure mode. All the switches in the fabric must be in Secure mode for accurate SLAP statistics. 16 SAN Switch 2/8V, 2/16V, 2/16N Fabric OS 4.2.x Release Notes

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
Important Notes
16
SAN Switch 2/8V, 2/16V, 2/16N Fabric OS 4.2.x Release Notes
Security: PKICERT
utility, installing
certificates
PKICERT v1.0.6 is the most current version of the PKICERT utility.
When running the PKICERT utility to install switch certificates in a fabric that
did not previously contain switch certificates, select the option to specify that
certificates are installed on only those switches that do not currently contain
certificates.
SAN Switch 2/8V, SAN Switch 2/16V and SAN Switch
2/16N models are delivered with switch certificates preinstalled.
Switches that were originally shipped with Fabric OS v2.5, v3.x, and v4.x
and have never installed and enabled Secure Fabric OS do not have
certificates installed.
If you need to reinstall switch certificates, follow these guidelines:
The host running PKICERT v1.0.6 must be connected to a proxy
switch running Fabric OS v2.6.2, v3.1.2, or v4.2.
All switches in the fabric can run v2.6.1, v3.1, v4.1 or newer
firmware.
Security: selectelnet
If you try to log in to a switch through a sectelnet client while that switch is in
the process of either booting or shutting down, you might see the message,
Random number generation failed
. The message is printed by the
sectelnet client because the switch Telnet service is not running (the service
has either already been shut down (if the switch is shutting down), or is not
yet established (if the switch is booting). If the switch is booting, wait a few
seconds and try again.
Security: Secure mode
If an upgrade from Fabric OS v4.x to v4.1 or v4.2 is performed, followed
by a downgrade to Fabric OS v4.x and upgrade back to Fabric OS v4.1 or
v4.2, the switch password state is reset and prompts the user for new Secure
mode passwords.
Security: Secure mode,
passwd Telnet
CAUTION: Using the
passwd
Telnet command in Secure mode to change
the password results in all sessions using that password being logged out,
including the session that changed the password.
This is expected behavior. The session terminates if you change the
password in Secure mode.
Security: SLAP counter
The SLAP counter is designed to work when all the switches in the fabric are
in Secure mode. All the switches in the fabric must be in Secure mode for
accurate SLAP statistics.
Table 4:
Fabric OS Area Information (Continued)
Fabric OS Area
Description