Brocade Fabric OS Encryption Administrator's Guide Supporting Fabric OS v6.2.0 (53-1001201-04, May 2009)
Encryption Administrator’s Guide 151
53-1001201-04
Crypto LUN configuration
3
a. Discover the LUN.
FabricAdmin:switch>cryptocfg --discoverLUN my_tape_tgt
Container name: my_tape_tgt
Number of LUN(s): 1
Host: 10:00:00:00:c9:2b:c9:3a
LUN number: 0x0
LUN serial number:
Key ID state: Key ID not Applicable
b. Add the LUN to the tape CryptoTarget container. The following example enables the LUN
for encryption and sets the key expiration to 90 days.
FabricAdmin:switch>cryptocfg --add -LUN my_tape_tgt 0x0 \
10:00:00:00:c9:2b:c9:3a 20:00:00:00:c9:2b:c9:3a -encrypt -key_lifespan 90
Operation Succeeded
c. Change the encryption format from Brocade native to DF-compatible.
FabricAdmin:switch>cryptocfg --modify -LUN my_tape_tgt 0x0
10:00:00:00:c9:2b:c9:3a DF_compatible
Operation Succeeded
NOTE
When changing the tape LUN policy from encrypt to cleartext or from cleartext to encrypt,
or the encryption format from Brocade native to DF-compatible while data is being written
to or read from a tape backup device, the policy change is not enforced until the current
process completes and the tape is unmounted, rewound, or overwritten. Refer to the
section “Impact of tape LUN configuration changes” on page 160 for more information.
d. Commit the configuration.
FabricAdmin:switch>cryptocfg --commit
Operation Succeeded
e. Display the LUN configuration
FabricAdmin:switch>cryptocfg --show -LUN my_tape_tgt 0x0 \
10:00:00:00:c9:2b:c9:3a -cfg
EE node: 10:00:00:05:1e:41:9a:7e
EE slot: 0
Target: 20:0c:00:06:2b:0f:72:6d 20:00:00:06:2b:0f:72:6d
VT: 20:00:00:05:1e:41:4e:1d 20:01:00:05:1e:41:4e:1d
Number of host(s): 1
Configuration status: committed
Host: 21:00:00:e0:8b:89:9c:d5 20:00:00:e0:8b:89:9c:d5
VI: 10:00:00:00:c9:2b:c9:3a 20:03:00:05:1e:41:4e:31
LUN number: 0x0
LUN type: tape
LUN status: 0
Encryption mode: encrypt
Encryption format: DF_compatible
Tape type: tape
Key life: 90 (day)
Volume/Pool label:
Operation succeeded.