Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, April 2009)
118 Fabric OS Command Reference
53-1001186-01
cryptoCfg
2
--setEE Sets the encryption routing policy on the local encryption engine to either
shared or partitioned. By default the encryption blade is enabled with a
“shared dynamic path selection (DPS)“ configuration. A slotpoweroff followed
by a slotpoweron is required on the encryption blade for the configuration
change to take effect. The encryption switch must be rebooted for the change
to take effect. In Fabric OSv6.2.0, this command requires root permissions.
Routing policy configuration changes persist across switch reboots and
power-cycling of the blade, and also survive the CP HA Failover in a chassis or
HotCode load on the Encryption switch.
Use cryptocfg --show -localEE to view the routing policy configuration on the
local encryption engine.
slot_number Specifies the slot number of the encryption engine for which to set the routing
policy. This operand is required on bladed systems.
-routing shared | partitioned
Sets the encryption routing policy. When shared is selected,dynamic path
selection (DPS) is enabled.When partitioned is selected, static routing is
enabled. By default, shared routing is enabled.
--enableEE | --disableEE
Enables or disables an encryption engine to perform encryption. You must
create the encryption group and complete the key vault registration before
you can enable an encryption engine for encryption. In addition, you must
re-enable the encryption engine for encryption every time a Brocade
Encryption Switch or DCX chassis goes through a power cycle event or after
issuing slotpoweroff followed by slotpoweron for an FS8-18 blade. This
command is valid on all nodes.
slot_number Specifies the slot number to identify the encryption engine. This operand is
required on bladed systems.
--export Exports a certificate from the local encryption switch or blade to a specified
external host or to a mounted USB device. This command is valid on all
nodes. The files are exported from the predetermined directory that was
generated during the node initialization phase. The following operands are
supported with the --export command:
-scp Exports a specified certificate to an external host using the secure copy (SCP)
protocol.
When -scp is specified, the following operands are required:
host IP | host_name
Specifies the IP address of the host to which the file is to be exported. To
specify the host by name, it must first be configured with dnsconfig.
host_username
Specifies the user name for the host. Depending on your host
configuration, the command may prompt for a password.