HP StorageWorks 2/128 Brocade Fabric OS Command Reference Manual (53-1000240-0 - Page 67
authUtil, Synopsis, Description, Operands, Examples
View all HP StorageWorks 2/128 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 67 highlights
Note: Enter commands in lowercase only; mixed case is for readability. authUtil 2 authUtil Displays and sets the authentication configuration. Synopsis authutil [--show][--set value] Description Use this command to display and set local switch authentication parameters. Use --set to change authentication parameters such as protocol and Diffie-Hellman group (DH group). This saves the new configuration persistently. The authentication process uses the protocol that is set using this command. When no protocol is set, the default setting of "fcap, dhchap" is used. When no group is set, the default setting of "*" (meaning "0,1,2,3,4") is used . The new configuration is effective with the next authentication request. Use --show to display the current authentication configuration of the switch. Use portShow to display the authentication type and associated parameters, if applicable, used on the port at port online or when enabling security, whichever occurs last. Note The execution of this command is subject to Admin Domain restrictions that may be in place. Operands Examples This command has the following operands: --show Displays local authentication configuration. --set value Modifies authentication configuration. Values include: -a Sets authentication protocol. Specify "fcap" to set only FCAP authentication, "dhchap" to set only DH-CHAP authentication, and "all" to set both FCAP and DH-CHAP (default). When authentication is set to "all", implicit order is FCAP followed by DH-CHAP, meaning that in authentication negotiation FCAP is given priority over DH-CHAP on the local switch; however a responder can still select DH-CHAP. -g Sets Diffie-Hellman (DH) group. Valid values are 0 - 4 and "*". DH group 0 is called NULL DH. You can select other groups between 1 and 4. Each DH group specifies a key size and associated parameters implicitly. Higher group value provides stronger cryptography and higher level of security in authentication protocol. When DH group is set to a specified value, only that DH group is enabled in authentication. Specifying "*" as a group enables all DH groups 0, 1, 2, 3, and 4, in that order, meaning that in authentication negotiation NULL DH is given priority over other groups; however a responder can still select another DH group. Without any specified operands, the command displays the usage. To display authentication configuration on the switch: switch:admin> authutil --show AUTH TYPE HASH TYPE GROUP TYPE fcap,dhchap sha1,md5 0,1,2,3,4 Fabric OS Command Reference Manual Publication Number: 53-1000240-01 2-33