HP StorageWorks 4/32 Brocade Fabric OS Command Reference Guide v6.0.0 (53-1000 - Page 64
authUtil, that order. This means that in authentication negotiation NULL DH is given
View all HP StorageWorks 4/32 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 64 highlights
2 authUtil authUtil Displays and sets the authentication configuration. Synopsis authutil [--show] [--set value option] [--policy -sw option| -dev option] [--authinit slotnumber/portnumber[; slotnumber/] portnumber...| allE] Description Use this command to display and set local switch authentication parameters. Use --set to change authentication parameters such as protocol, Diffie-Hellman group (DH group), or hash type. When no protocol is set, the default setting of "FCAP, DH- CHAP" is used. When no group is set, the default setting of "*" (meaning "0,1,2,3,4") is used. Configuration settings are saved persistently across reboots. Configuration changes take effect during the next authentication request. Use --show to display the current authentication configuration. Use portShow to display the authentication type and associated parameters, if applicable, used on the port. Note The execution of this command is subject to Admin Domain restrictions that may be in place. Operands When invoked without operands, this command displays the usage. The following operands are supported: --show Displays local authentication configuration. --set value Modifies authentication configuration. Valid values are: -a fcap |dhchap | all Sets authentication protocol. Specify "fcap" to set only FCAP authentication, "dhchap" to set only DH-CHAP authentication. Specify "all" to set both FCAP and DH-CHAP, which is the default setting. When authentication is set to "all", the implicit order is FCAP followed by DH-CHAP. THis means that in authentication negotiation FCAP is given priority over DH-CHAP on the local switch. -g 0|1|2|3|4|* Sets Diffie-Hellman (DH) group. Valid values are 0 to 4 and "*". DH group 0 is called NULL DH. Each DH group implicitly specifies a key size and associated parameters. Higher group value provides stronger cryptography and a higher level of security. When DH group is set to a specified value, only that DH group is enabled. Specifying "*" enables all DH groups 0, 1, 2, 3, and 4, in that order. This means that in authentication negotiation NULL DH is given priority over other groups. -h Sets hash type. Use this option with a value of 1 to disable md5 authentication access. Disabling md5 access is required when configuring the system for FIPS. Refer to the Fabric OS Administrator's Guide for details on FIPS configuration. --policy Sets the Switch authentication policy or Device authentication policy. The following sub-operands are supported: -sw on|off|active|passive set switch authentication policy. Specify one of the following modes. Operands are exclusive. 38 Fabric OS Command Reference 53-1000599-01