Brocade OS Command Reference Manual Supporting Fabric OS v6.0.0 (53-1000599-01, October 2007)
Fabric OS Command Reference 209
53-1000599-01
fipsConfig
2
--verify fips This option will run through the prerequisites for enabling FIPS and print the
failure/success cases.
--disable | --enable bootprom
Disables or enables the Boot Programmable Read-Only Memory (Boot PROM)
on the switch.Boot PROM access is blocked in FIPS mode. Disabling Boot
PROM requires root permission. Enabling Boot PROM does not require root
permission.
--help Print command usage.
Examples Show current FIPS configuration:
switch:admin> fipscfg --show
FIPS mode is : Disabled
FIPS Selftests mode/status is : Disabled/None
Verify FIPS prerequisites:
switch:admin>fipscfg --verify fips
Standby firmware supports FIPS
SELF tests check has passed
Root account is enabled.
Radius check has passed
Authentication check has passed
SNMP is in read only mode.
Bootprom access is disabled.
Firmwaredownload signature verification is enabled.
cfgload.secure parameter value is 1.
Enable selftests:
switch admin> fipscfg --enable selftests
FIPS Selftests mode/status has been set to : Enabled/None
Attempt to enable FIPS when prerequisites are not met:
switch:admin> fipscfg --enable fips
SelfTests mode is not enabled.
Root account is enabled.
Authentication uses MD5 hash algorithm.
Authentication uses DH group 0.
Telnet port number <23> for the policy <default_ipv4> is in permit state.
HTTP port number <80> for the policy <default_ipv4> is in permit state.
RPC port number <898> for the policy <default_ipv4> is in permit state.
Telnet port number <23> for the policy <default_ipv6> is in permit state.
HTTP port number <80> for the policy <default_ipv6> is in permit state.
RPC port number <898> for the policy <default_ipv6> is in permit state.
SNMP is not in read only mode.
Bootprom access is enabled.
FIPS mode cannot be configured at this time
See Also None