Reference (Supporting Fabric OS v7.3.0) Owner manual
Table Of Contents
- Contents
- About This Document
- Using Fabric OS Commands
- Fabric OS Commands
- aaaConfig
- ad
- ag
- agAutoMapBalance
- agShow
- aliAdd
- aliCreate
- aliDelete
- aliRemove
- aliShow
- appLoginHistory
- aptPolicy
- auditCfg
- auditDump
- authUtil
- bannerSet
- bannerShow
- bcastShow
- bladeCfgGeMode
- bladeDisable
- bladeEnable
- bladeSwap
- bootLunCfg
- bottleneckMon
- bpPortLoopbackTest
- bpTurboRamTest
- bufOpMode
- ceePortLedTest
- ceePortLoopbackTest
- ceeTurboRamTest
- cfgActvShow
- cfgAdd
- cfgClear
- cfgCreate
- cfgDelete
- cfgDisable
- cfgEnable
- cfgRemove
- cfgSave
- cfgShow
- cfgSize
- cfgTransAbort
- cfgTransShow
- chassisBeacon
- chassisCfgPerrThreshold
- chassisDisable
- chassisDistribute
- chassisEnable
- chassisName
- chassisShow
- classConfig
- cliHistory
- cmsh
- configDefault
- configDownload
- configList
- configRemove
- configShow
- configUpload
- configure
- configureChassis
- creditRecovMode
- cryptoCfg
- dataTypeShow
- date
- dbgShow
- defZone
- diagClearError
- diagDisablePost
- diagEnablePost
- diagHelp
- diagPost
- diagRetry
- diagShow
- distribute
- dlsReset
- dlsSet
- dlsShow
- dnsConfig
- enclosureShow
- errClear
- errDelimiterSet
- errDump
- errFilterSet
- errModuleShow
- errShow
- ethIf
- exit
- extnCfg
- fabRetryShow
- fabRetryStats
- fabricLog
- fabricName
- fabricPrincipal
- fabricShow
- fabStatsShow
- fanDisable
- fanEnable
- fanShow
- faPwwn
- fastBoot
- fcipHelp
- fcipLedTest
- fcipPathTest
- fcoe
- fcoeLoginCfg
- fcoeLoginGroup
- fcPing
- fcpLogClear
- fcpLogDisable
- fcpLogEnable
- fcpLogShow
- fcpProbeShow
- fcpRlsProbe
- fcpRlsShow
- fcrBcastConfig
- fcrConfigure
- fcrEdgeShow
- fcrFabricShow
- fcrIclPathBWMonitor
- fcrLsan
- fcrLsanCount
- fcrLsanMatrix
- fcrPhyDevShow
- fcrProxyConfig
- fcrProxyDevShow
- fcrResourceShow
- fcrRouterPortCost
- fcrRouteShow
- fcrXlateConfig
- fddCfg
- fdmiCacheShow
- fdmiShow
- femDump
- ficonCfg
- ficonClear
- ficonCupSet
- ficonCupShow
- ficonHelp
- ficonShow
- fipsCfg
- firmwareCommit
- firmwareDownload
- firmwareDownloadStatus
- firmwareKeyShow
- firmwareRestore
- firmwareShow
- firmwareSync
- flow
- fmMonitor
- fosConfig
- fosExec
- frameLog
- fspfShow
- fwAlarmsFilterSet
- fwAlarmsFilterShow
- fwClassInit
- fwConfigReload
- fwFruCfg
- fwHelp
- fwMailCfg
- fwPortDetailShow
- fwSamShow
- fwSet
- fwSetToCustom
- fwSetToDefault
- gePortErrShow
- h
- haDisable
- haDump
- haEnable
- haFailover
- haRedundancy
- haShow
- haSyncStart
- haSyncStop
- help
- historyLastShow
- historyMode
- historyShow
- i
- iclCfg
- ifModeSet
- ifModeShow
- iflShow
- interfaceShow
- iodReset
- iodSet
- iodShow
- ipAddrSet
- ipAddrShow
- ipFilter
- ipSecConfig
- islShow
- itemList
- killTelnet
- ldapCfg
- lfCfg
- licenseAdd
- licenseIdShow
- licensePort
- licenseRemove
- licenseShow
- licenseSlotCfg
- linkCost
- logicalGroup
- login
- logout
- lsanZoneShow
- lsCfg
- lsDbShow
- mapsConfig
- mapsDb
- mapsHelp
- mapsPolicy
- mapsRule
- mapsSam
- memShow
- motd
- msCapabilityShow
- msConfigure
- msPlatShow
- msPlatShowDBCB
- msPlClearDB
- msPlMgmtActivate
- msPlMgmtDeactivate
- msTdDisable
- msTdEnable
- msTdReadConfig
- myId
- nbrStateShow
- nbrStatsClear
- nodeFind
- nsAliasShow
- nsAllShow
- nsCamShow
- nsDevLog
- nsShow
- nsZoneMember
- nsZoneShow
- passwd
- passwdCfg
- pathInfo
- pdShow
- perfAddEEMonitor
- perfCfgClear
- perfCfgRestore
- perfCfgSave
- perfClearAlpaCrc
- perfDelEEMonitor
- perfHelp
- perfMonitorClear
- perfMonitorShow
- perfResourceShow
- perfSetPortEEMask
- perfShowAlpaCrc
- perfShowPortEEMask
- perfTTmon
- portAddress
- portAlpaShow
- portBeacon
- portBufferCalc
- portBufferShow
- portCamShow
- portCfg
- portCfgAlpa
- portCfgAutoDisable
- portCfgCompress
- portCfgCreditRecovery
- portCfgDefault
- portCfgDPort
- portCfgEncrypt
- portCfgEport
- portCfgEportCredits
- portCfgEXPort
- portCfgFaultDelay
- portCfgFec
- portCfgFillword
- portCfgFlogiLogout
- portCfgFportBuffers
- portCfgGE
- portCfgGeMediaType
- portCfgGport
- portCfgISLMode
- portCfgLongDistance
- portCfgLossTov
- portCfgLport
- portCfgNonDfe
- portCfgNPIVPort
- portCfgNPort
- portCfgOctetSpeedCombo
- portCfgPersistence
- portCfgPersistentDisable
- portCfgPersistentEnable
- portCfgQoS
- portCfgShow
- portCfgSpeed
- portCfgTrunkPort
- portCfgVEXPort
- portCmd
- portDebug
- portDecom
- portDisable
- portDPortTest
- portEnable
- portEncCompShow
- portErrShow
- portFencing
- portFlagsShow
- portLedTest
- portLogClear
- portLogConfigShow
- portLogDisable
- portLogDump
- portLogDumpPort
- portLogEnable
- portLogEventShow
- portLoginShow
- portLogPdisc
- portLogReset
- portLogResize
- portLogShow
- portLogShowPort
- portLogTypeDisable
- portLogTypeEnable
- portLoopbackTest
- portMirror
- portName
- portPeerBeacon
- portPerfShow
- portRouteShow
- portShow
- portStats64Show
- portStatsClear
- portStatsShow
- portSwap
- portSwapDisable
- portSwapEnable
- portSwapShow
- portTest
- portTestShow
- portThConfig
- portTrunkArea
- portZoneShow
- powerOffListSet
- powerOffListShow
- psShow
- rasAdmin
- rasMan
- reboot
- relayConfig
- roleConfig
- routeHelp
- rtLogTrace
- secActiveSize
- secAuthSecret
- secCertUtil
- secDefineSize
- secGlobalShow
- secHelp
- secPolicyAbort
- secPolicyActivate
- secPolicyAdd
- secPolicyCreate
- secPolicyDelete
- secPolicyDump
- secPolicyFCSMove
- secPolicyRemove
- secPolicySave
- secPolicyShow
- secStatsReset
- secStatsShow
- sensorShow
- serDesTuneMode
- setContext
- setDbg
- setVerbose
- sfpShow
- shellFlowControlDisable
- shellFlowControlEnable
- slotPowerOff
- slotPowerOn
- slotShow
- snmpConfig
- snmpTraps
- spinFab
- sshUtil
- statsClear
- stopPortTest
- supportFfdc
- supportFtp
- supportInfoClear
- supportSave
- supportShow
- supportShowCfgDisable
- supportShowCfgEnable
- supportShowCfgShow
- switchBeacon
- switchCfgPersistentDisable
- switchCfgPersistentEnable
- switchCfgSpeed
- switchCfgTrunk
- switchDisable
- switchEnable
- switchName
- switchShow
- switchStatusPolicySet
- switchStatusPolicyShow
- switchStatusShow
- switchUptime
- switchViolation
- syslogdFacility
- syslogdIpAdd
- syslogdIpRemove
- syslogdIpShow
- sysMonitor
- sysShutDown
- tempShow
- thConfig
- thMonitor
- timeOut
- topologyShow
- traceDump
- trunkDebug
- trunkShow
- tsClockServer
- tsTimeZone
- turboRamTest
- upTime
- uRouteShow
- usbStorage
- userConfig
- version
- wwn
- wwnAddress
- zone
- zoneAdd
- zoneCreate
- zoneDelete
- zoneHelp
- zoneObjectCopy
- zoneObjectExpunge
- zoneObjectRename
- zoneObjectReplace
- zoneRemove
- zoneShow
- Primary FCS Commands
- Command Availability
64 Fabric OS Command Reference
53-1003131-01
authUtil
2
To enable Sha256 hash type:
sha256 hash type is recommended for FIPS configuration.
switch:admin> authutil --set -h sha256
Hash is set to sha256.
switch:admin> authutil --show
AUTH TYPE HASH TYPE GROUP TYPE
--------------------------------------
fcap,dhchap sha256 1
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
To set DH group 3:
switch:admin> authutil --set -g 3
DH Group was set to 3.
To set all DH groups to be specified in the authentication negotiation in the order of 0, 1, 2, 3, and 4:
switch:admin> authutil --set -g "*"
DH Group is set to 0,1,2,3,4
To set the Switch policy to active mode:
switch:admin> authutil --policy -sw active
Warning: Activating the authentication policy requires
either DH-CHAP secrets or PKI certificates depending
on the protocol selected. Otherwise, ISLs will be
segmented during next E-port bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Auth Policy is set to ACTIVE
To set the Device policy to passive mode:
switch:admin> authutil --policy -dev passive
Warning: Activating the authentication policy requires
DH-CHAP secrets on both switch and device. Otherwise,
the F-port will be disabled during next F-port
bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Device authentication is set to PASSIVE
To set the device authentication policy to "on" mode:
switch:admin> authutil --policy -dev on
Warning: Activating the authentication policy requires
DH-CHAP secrets on both switch and device. Otherwise,
the F-port will be disabled during next F-port
bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Device authentication is set to ON
2008/03/24-23:13:06, [AUTH-1003], 112,, INFO, Stealth_3,
Device authentication type has been successfully set to ON