Manualshelf

Brocade OS Command Reference Manual Supporting Fabric OS v6.0.0 (53-1000599-01, October 2007)

ManualsBrandsHP ManualsComputer AccessoriesHP DC SAN Director Switch Multiprotocol Extension Blade Option
61626364656667686970
Fabric OS Command Reference 39
53-1000599-01
authUtil
2
on Sets the switch authentication policy to ON mode. Strict authentication will be
enforced on all E_ports. The inter switch link (ISL) will go down (port disable),
if the connecting switch does not support the authentication or policy is
switched off.
off Turns off the authentication and the switch rejects any authentication
requests.
active Sets the authentication policy to active mode. During switch initialization,
authentication will be initiated on all E_ports, but the port will not be disabled
if the connecting switch does not support authentication or the
authentication policy is turned off.
passive (default) Sets the authentication policy to passive mode. The switch does not initiate
authentication but participates in authentication if the connecting switch
initiates authentication.
-dev off|passive
Set device authentication policy. Two modes are supported. Device
authentication policy is off by default.
off Turns off the device authentication policy. Authentication is not required. The
switch ignores any authentication requests and continues with the FC probing
without authentication.
passive Sets the authentication policy to Passive mode. Authentication is optional. If
the attached device is capable of doing the authentication then the switch
participates in authentication; otherwise it will form an F_Port without
authentication. In this mode the device accepts authentication on all F_ports.
authinit [slotnumber/]portnumber [,slotnumber/portnumber...| allE]
Re-initiates authentication on selected ports after changing the DH-chap
group, hash type, and shared secret between a pair of switches. This
command will not work on Private, Loop, NPIV and FICON devices. The
command can re-initiate authentication only if the device was previously
authenticated. This command may bring down the E_Port(s) if the DH-CHAP
shared secrets are not installed correctly. Valid values include:
slotnumber Specify the slot number if applicable.
portnumber Specify the port number. On chassis-based systems, use the slot/port format
for specifying the port number.
allE Specify all E_ports in the switch.
Examples To display authentication configuration on the switch:
switch:admin> authutil --show
AUTH TYPE HASH TYPE GROUP TYPE
--------------------------------------
fcap,dhchap sha1,md5 0,1,2,3,4
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
To set DH-CHAP as the authentication protocol:
switch:admin> authutil --set -a dhchap