Manualshelf

Brocade Secure Fabric OS Administrator's Guide - Supporting Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0, 5.2.0, and 5.3.0 (53-1000244-02, June 2007)

ManualsBrandsHP ManualsStorageBrocade 4Gb SAN Switch
51525354555657585960
Secure Fabric OS Administrator’s Guide 37
53-1000244-02
3
5. Terminate any other sectelnet or SSH connections to the fabric (when using the
secModeEnable command, no other sessions should be active) and ensure that any other
commands entered in the current session have completed.
6. Use the secModeEnable command to enable secure mode.
Several optional arguments are available. This step illustrates three forms of the command:
- Type secmodeenable --quickmode
The secModeEnable command might fail if a switch running Fabric OS v2.6.x is in the fabric.
Fabric OS v2.6.x supports a maximum security database size of 16 Kb. If you use
--lockdown=dcc or --quickmode, a security database greater than 16 Kb can be created.
Enable security successful using other secModeEnable operands. See the Fabric OS
Command Reference for detailed command and operand information.
Do not use the secModeEnable --currentpwd command until the passwords are changed from
the factory defaults by answering the password prompts during the login.
Do not use
secModeEnable --quickmode in Fabrics with a fibre channel router connected.
- Type secmodeenable.
This version invokes the command’s interactive mode; then, identify each FCS switch at
the prompts (as shown in the next example). Press Enter with no data to end the FCS list.
- Type secmodeenable "fcsmember;...;fcsmember".
fcsmember is the domain ID, WWN, or switch name of the primary and backup FCS
switches, with the primary FCS switch listed first.
See the Fabric OS Command Reference for other forms of the secModeEnable command.
To enable secure mode using --quickmode:
switch:admin> secmodeenable --quickmode
Your use of the certificate-based security features of the software
installed on this equipment is subject to the End User License Agreement
provided with the equipment and the Certification Practices Statement,
which you may review at http://www.switchkeyactivation.com/cps. By using
these security features, you are consenting to be bound by the terms of
these documents. If you do not agree to the terms of these documents,
promptly contact the entity from which you obtained this software and do
not use these security features.
Do you agree to these terms? (yes, y, no, n): [no] y
This command requires Switch Certificate, Security license and Zoning license
to be installed on every switch in the fabric.
PLEASE NOTE: On successful completion of this command, login sessions may be
closed and some switches may go through a reboot to form a secure fabric.
Non-FCS admin password will be set the same as FCS admin password.
ARE YOU SURE (yes, y, no, n): [no] y
Please enter current admin account password:
Enabling secure mode, this may take several minutes, please wait...
Secure mode is enabled.
switch:admin>
To enable secure mode using --lockdown=scc, --currentpwd, and --fcs options: