Deployment Guide

The public key file on the switch contains only one public key. It is only able to validate firmware signed
using one corresponding private key. If the private key changes in future releases, you need to change
the public key on the switch by one of the following methods:
• By using the firmwareDownload command. When a new firmware is downloaded, firmware
  download always replaces the public key file on the switch with what is in the new firmware. This
  allows you to have planned firmware key changes.
• By using the firmwareKeyUpdate command. This command retrieves a specified public key file
  from a specific server location and replaces the one on the switch. The information about firmware
  versions and their corresponding public key files is documented in the release notes or stored in a
  known location on the Brocade website. This command allows the customer to handle unplanned
  firmware key changes.
NOTE
If FIPS mode is enabled, all logins should be handled through SSH or direct serial method, and the
transfer protocol should be SCP.
Updating the firmware key
1. Log in to the switch as admin.
2. Enter the firmwareKeyUpdate command and respond to the prompts.
The firmwareDownload command
The public key file must be packaged, installed, and run on your switch before you download a signed
firmware.
When firmware download installs a firmware file, it must validate the signature of the file. Different
scenarios are handled as follows:
• If the firmware file has a signature but the validation fails, firmware download fails. This means the
  firmware is not from Brocade, or the contents have been modified.
• If the firmware file has a signature and the validation succeeds, firmware download proceeds
  normally.
SAS, DMM, and third-party application images are not signed.
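The single-key behavior described above (one installed public key, rejection of modified images, and rejection of images signed with a changed key until the key file is replaced) can be reproduced off-switch with OpenSSL. This is an added example, not Brocade code or the Fabric OS validation routine; RSA-2048 with SHA-256, the detached signature files, and all file and function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration: a device that trusts exactly one firmware public key.
# Algorithm (RSA-2048/SHA-256) and file names are assumptions, not Fabric OS internals.

new_keypair() {   # new_keypair NAME -> NAME.key (private), NAME.pub (public)
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1.key" 2>/dev/null
    openssl pkey -in "$1.key" -pubout -out "$1.pub"
}

sign_image() {    # sign_image PRIVKEY IMAGE SIGFILE
    openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

verify_image() {  # verify_image PUBKEY IMAGE SIGFILE -> exit 0 only if the signature is valid
    openssl dgst -sha256 -verify "$1" -signature "$3" "$2" >/dev/null 2>&1
}

outcome() {       # outcome LABEL PUBKEY IMAGE SIGFILE -> prints "LABEL: accepted|rejected"
    label=$1; shift
    if verify_image "$@"; then echo "$label: accepted"; else echo "$label: rejected"; fi
}

demo() {
    work=$(mktemp -d) || return 1
    (
        cd "$work" || exit 1
        new_keypair old                       # key pair used for the current release
        new_keypair new                       # key pair after a signing-key change
        printf 'constructed firmware image v1\n' > fw1.img   # constructed sample data
        printf 'constructed firmware image v2\n' > fw2.img   # constructed sample data
        sign_image old.key fw1.img fw1.sig
        sign_image new.key fw2.img fw2.sig
        cp old.pub switch.pub                 # the one public key held by the device

        outcome "fw1 signed with installed key" switch.pub fw1.img fw1.sig
        printf 'x' >> fw1.img                 # contents changed after signing
        outcome "fw1 modified after signing" switch.pub fw1.img fw1.sig
        outcome "fw2 signed with changed key" switch.pub fw2.img fw2.sig
        cp new.pub switch.pub                 # public key file replaced on the device
        outcome "fw2 after key replacement" switch.pub fw2.img fw2.sig
    )
    rc=$?
    rm -rf "$work"
    return $rc
}

demo
```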
Configuring a switch for signed firmware
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the configure command.
3. Respond to the prompts as follows:
System Service     Press Enter to select default setting; default is no.
ssl attributes     Press Enter to select default setting; default is no.
snmp attributes    Press Enter to select default setting; default is no.
rpcd attributes    Press Enter to select default setting; default is no.
Fabric OS Upgrade Guide 23
53-1003240-01