HP StorageWorks 2/128 HP StorageWorks SAN Director 2/128 Fabric OS V4.2.x Rele - Page 18
Security: SSH login, Security: SLAP counter
![]() |
View all HP StorageWorks 2/128 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 18 highlights
Important Notes Table 5: Fabric OS Area Information (Continued) Fabric OS Area Security: PKICERT utility, installing certificates Security: selectelnet Security: secure mode Security: secure mode, passwd Telnet Security: SLAP counter Security: SSH login Description PKICERT v1.0.6 is the most current version of the PKICERT utility. When running the PKICERT utility to install switch certificates in a fabric that did not previously contain switch certificates and now includes a SAN Director 2/128, select the option to specify that certificates are installed on only those switches that do not currently contain certificates. SAN Director 2/128s are delivered with switch certificates preinstalled. Switches that were originally shipped with Fabric OS v2.5, v3.0, and v4.0 and have never installed and enabled Secure Fabric OS do not have certificates installed. If you need to reinstall switch certificates in a SAN Director 2/128, follow these guidelines: ■ The host running PKICERT v1.0.6 must be connected to a proxy switch running Fabric OS v2.6.2, v3.1.2, or v4.2. ■ All switches in the fabric other than the SAN Director 2/128 can run v2.6.1, v3.1, v4.1 or newer firmware. If you try to log in to a switch through a sectelnet client while that switch is in the process of either booting or shutting down, you might see the message, Random number generation failed. The message is printed by the sectelnet client because the switch Telnet service is not running (the service has either already been shut down (if the switch is shutting down), or is not yet established (if the switch is booting). If the switch is booting, wait a few seconds and try again. If an upgrade from Fabric OS v4.0 to v4.1 or v4.2 is performed, followed by a downgrade to Fabric OS v4.0 and upgrade back to Fabric OS v4.1 or v4.2, the switch password state is reset and prompts the user for new secure mode passwords. CAUTION: Using the passwd Telnet command in secure mode to change the password results in all sessions using that password being logged out, including the session that changed the password. This is expected behavior. The session terminates if you change the password in secure mode. The SLAP counter is designed to work when all the switches in the fabric are in secure mode. All the switches in the fabric must be in secure mode for accurate SLAP statistics. To properly connect SSH login, wait for secure mode to complete before rebooting or performing HA failover on the SAN Director 2/128. If secure mode is enabled and a reboot occurs before secure mode completes, SSH login does not connect and goes to the wrong MAC address, because the active CP changes after an HA failover. 18 SAN Director 2/128 Fabric OS 4.2.x Release Notes
![](/manual_guide/products/hewlettpackard-storageworks-2128-hp-storageworks-san-director-2128-fabric-os-v42x-release-notes-352aceb/18.png)