Manualshelf

Brocade Secure Fabric OS Administrator's Guide - Supporting Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0, 5.2.0, and 5.3.0 (53-1000244-02, June 2007)

ManualsBrandsHP ManualsStorageBrocade 4Gb SAN Switch
81828384858687888990
Secure Fabric OS Administrator’s Guide 65
53-1000244-02
4
For example, to reset all statistics on a local switch:
primaryfcs:admin> secstatsreset
About to reset all security counters.
Are you sure (yes, y, no, n):[no] y
Security statistics reset to zero.
To reset the DCC_POLICY statistics on domains 1 and 69:
primaryfcs:admin> secstatsreset "DCC_POLICY", "1;69"
Reset DCC_POLICY statistic.
Managing Passwords
This section provides the following information:
“Modifying Passwords in Secure Mode” on page 66
“Using Temporary Passwords” on page 68
When secure mode is enabled, the following conditions apply:
Only enter the passwd command on the primary FCS switch.
Only access the root and factory accounts from the FCS switches. Attempting to access them
from a non-FCS switch generates an error message.
The admin account (or role) remains available from all switches, but two passwords are
implemented: one for all FCS switches and one for all non-FCS switches.
Temporary passwords can be created for specific switches, making it possible to provide
temporary access to another user.
User password policies are not supported. To enable Secure mode, you must reset all
password policies to the default settings. See Chapter 3 of the Fabric OS Administrator’s
Guide.
The user account (or role) remains available fabric-wide regardless of whether secure mode is
enabled. The characteristics of the different accounts when secure mode is enabled and disabled
are described in Table 17.
You can use the multiple user account (MUA) feature of Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0,
and v5.2.0 if the primary FCS switch is running any of the Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0,
or v5.2.0. Older switches do not need to be running a version of Fabric OS supporting MUA.
If a digital certificate is installed, the sectelnet and API passwords are automatically encrypted,
regardless of whether secure mode is enabled. HTTP encrypts passwords only if secure mode is
enabled
CAUTION
Record passwords and store them in a secure place; recovering passwords might require significant
effort and result in fabric downtime.