Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, April 2009)

ManualsBrandsHP ManualsStorageBrocade 8/24c SAN Switch for BladeSystem c-Class

151

152

153

154

155

156

157

158

159

160

132 Fabric OS Command Reference

53-1001186-01

cryptoCfg

cryptocfg --show -container crypto_target_container_name -cfg | -stat

cryptocfg --show -tapepool -all | -label pool_label |-num pool_num -cfg | -stat

cryptocfg --show -LUN crypto_target_container_name LUN_Num initiator_PWWN -cfg | -stat

cryptocfg --show -rekey -all

cryptocfg --show -rekey crypto_target_container_name

cryptocfg --show -rekey crypto_target_container_name LUN_Num initiator_PWWN

cryptocfg --show -tape_sessions -all

cryptocfg --show -tape_sessions crypto_target_container_name

Description Use these cryptoCfg commands to configure and manage tape or disk devices that store the

encrypted and compressed data.

A CryptoTarget container (CTC) is a configuration of “virtual devices” that is created for each target

port hosted on a Brocade Encryption Switch or FS8-18 blade. The container holds the configuration

information for a single target, including associated hosts and LUN settings. A CryptoTarget

container interfaces between the encryption engine, the external storage devices (targets), and the

initiators (hosts) that can access the storage devices through the target ports.

Virtual devices redirect the traffic between host and target/LUN to encryption engines so they can

perform cryptographic operations. To enable frame redirection, you must create a target-initiator

zone prior to performing any CryptoTarget container configuration.

The CryptoTarget container (CTC) and associated Crypto LUN configuration is always configured

from the group leader node, and the configuration is subsequently propagated to all members in

the encryption group.

CTC configuration uses a transaction model. Configuration changes must be committed before they

take effect. Use the cryptocfg --commit command to commit the transaction. Refer to section “5.

Transaction management” on page 148 for more information.

This command set supports the following tasks:

1. Configure and manage CryptoTarget containers (CTCs). Create, move, or delete a CTC, add or

remove initiators (hosts permitted to access the targets), or manually initiate a failback of an

encryption engine.

2. Configure and manage logical unit numbers (LUNs) for disk and tape storage devices: add a

LUN to a CTC, set or modify LUN encryption policy parameters, or remove a LUN from a CTC.

Perform LUN discovery.

3. Configure and manage tape pools: create a tape pool, set or modify tape pool encryption

policies, or delete a tape pool. Perform LUN discovery.

In addition, this command set includes the following display commands. Output may vary

depending on your configuration. Refer to the Appendix of the Fabric OS Encryption Administrator’s

Guide for

a more comprehensive explanation of system states.

Use the --show -container -all -stat command for runtime status information on all CryptoTarget

containers in the encryption group. The display includes the following information:

• Encryption group name

• Number of containers

• For each container: