HP AE370A HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 20 - Page 114
Telnet protocol
UPC - 882780362611
View all HP AE370A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 114 highlights
3. Enter the keytool command and respond to the prompts (in the following example, changeit is the default password and RootCert is an example root certificate name): C:\Program Files\Java\j2re1.6.0\bin> keytool -import -alias RootCert -file RootCert.crt -keystore ..\lib\security\RootCerts Enter keystore password: changeit Owner: CN=Brocade, OU=Software, O=Brocade Communications, L=San Jose, ST=California, C=US Issuer: CN=Brocade, OU=Software, O=Brocade Communications, L=San Jose, ST=California, C=US Serial number: 0 Valid from: Thu Jan 15 16:27:03 PST 2007 until: Sat Feb 14 16:27:03 PST 2007 Certificate fingerprints: MD5: 71:E9:27:44:01:30:48:CC:09:4D:11:80:9D:DE:A5:E3 SHA1: 06:46:C5:A5:C8:6C:93:9C:FE:6A:C0:EC:66:E9:51:C2:DB:E6:4F:A1 Trust this certificate? [no]: yes Certificate was added to keystore Summary of certificate commands Table 20 identifies the commands for displaying and deleting certificates. For details on the commands, see the Fabric OS Command Reference. Table 20 Commands for displaying and deleting SSL certificates Command Description secCertUtil show secCertUtil show filename secCertUtil showcsr secCertUtil delete filename secCertUtil delcsr Displays the state of the SSL key and a list of installed certificates Displays the contents of a specific certificate Displays the contents of a CSR Deletes a specified certificate Deletes a CSR Telnet protocol Telnet is enabled by default. To prevent passing clear text passwords over the network when connecting to the switch, you can block the Telnet protocol using an IP Filter policy. IMPORTANT: Before blocking Telnet, make sure you have an alternate method of establishing a connection with the switch. Blocking Telnet 1. Connect to the switch and log in as admin (connect through some means other than Telnet: for example, through SSH). 2. Create a policy by typing the following command: ipfilter --create policyname -type < ipv4 | ipv6 > where policyname is the name of the new policy and -type specifies an IPv4 or IPv6 address. Example: Creating a policy ipfilter --create block_telnet_v4 --type ipv4 3. Add a rule to the policy, by typing the following command: ipfilter --addrule -rule rule_number -sip source_IP -dp dest_port -proto protocol -act 112 Configuring standard security features