Reference Guide
Brocade Fabric OS Command Reference 963
53-1004112-02
secCryptoCfg
-proto scp | sftp | ftp
Specifies the protocol as either SCP, SFTP, or FTP.
-file remote_file_name
Specifies the remote directory. Provide a fully qualified path name.
--lstemplates
Displays the list of templates available.
--verify template_name
Verifies the running configuration against a required configuration specified in the template
file.
--delete template_name
Deletes the specified template file.
--show [template_name]
Displays the configured cipher, kex, and MAC algorithms. If the template name is specified,
this command displays the configuration contents in the specified template file.
--help
Displays the command usage.
Examples To configure ciphers, kex, and MAC for SSH and HTTPS:
switch:admin> seccryptocfg --replace -type SSH -cipher \
3des-cbc,aes128-cbc,aes192-cbc -kex diffie-hellman-group-exchange-sha1 \
-mac hmac-sha2-256
To configure ciphers for SSH:
switch:admin> seccryptocfg --replace -type SSH -cipher \
aes128-ctr,aes192-ctr
This command requires the daemon(s) SSH to be restarted.
Existing sessions will be terminated.
Please confirm and provide the preferred option
Press Yes(Y,y), No(N,n) [N]:y
To configure ciphers for HTTPS:
switch:admin> seccryptocfg --replace -type https -cipher \
'!ECDH:!DH:HIGH:-MD5:!CAMELLIA'
This command requires the daemon(s) HTTP to be restarted.
Existing sessions will be terminated.
Please confirm and provide the preferred option
Press Yes(Y,y), No(N,n) [N]:no
To configure ciphers for HTTPS using the -force option:
switch:admin> seccryptocfg --replace -type https -cipher \
'!ECDH:!DH:HIGH:-MD5:!CAMELLIA' -force
HTTP cipher list configured successfully.