Command Reference Guide

ManualsBrandsDell ManualsComputer AccessoriesPOWEREDGE M1000E

171

172

173

174

175

176

177

178

179

180

Table Of Contents

Fabric OS Command Reference 145

53-1001764-02

cryptoCfg

Function 1. Node configuration

Synopsis cryptocfg --help -nodecfg

cryptocfg --initnode

cryptocfg --initEE [slot]

cryptocfg --regEE [slot]

cryptocfg --enableEE [slot]

cryptocfg --disableEE [slot]

cryptocfg --export -scp -dhchallenge vault_IP_address | -currentMK | -KACcert |-KACcsr| -CPcert]

host_IP host_username host_file_path

cryptocfg --export -usb -dhchallenge vault_IP_address | -currentMK | -KACcert | -KACcsr |-CPcert

dest_filename

cryptocfg --import -scp local_name host_IP host_username host_file_path

cryptocfg --import -usb dest_filename source_filename

cryptocfg --reg -membernode member_node_WWN member_node_certfile

Member_node_IP_addr

cryptocfg --dereg -membernode member_node_WWN

cryptocfg --dhchallenge vault_IP_addr

cryptocfg --dhresponse vault_IP_addr

cryptocfg --zeroizeEE [slot]

cryptocfg --delete -file local_name

cryptocfg --reg -KAClogin primary | secondary

cryptocfg --show -file -all

cryptocfg --show -localEE

cryptocfg --rebalance [slot]

Description Use the node configuration commands to perform node initialization and configuration tasks. Node

initialization and configuration must be performed on every node. A node is an encryption switch or

a chassis containing one or more encryption blades. A node is identified by the switch IP address or

switch WWN, which is subsequently referred to as the "node WWN." The node configuration

commands include the following functions:

• Node initialization and certificate generation.

• Certificate export and import to and from a specified host or USB device.

• Enabling or disabling an encryption engine (EE).

• Encryption group member node and group leader registration.

• Group-wide policy configuration.

• Zeroization of all critical security parameters on the local encryption switch or blade.

• Certificate display and management.

• Display of the local encryption engine status.

• Rebalancing of disk and tape LUNS for optimized performance.