Brocade Fabric OS Command Reference Manual Supporting Fabric OS v6.3.0 (53-1001337-01, July 2009)
Fabric OS Command Reference 169
53-1001337-01
cryptoCfg
2
To delete the encryption group “brocade”:
SecurityAdmin:switch> cryptocfg --delete -encgroup brocade
Encryption group create status: Operation Succeeded.
To register a NetApp LKM appliance as the primary key vault "LKM1":
SecurityAdmin:switch>cryptocfg --reg -regkeyvault LKM1 lkmcert.pem 10.33.54.231 primary
decru-lkm-1
Register key vault status: Operation Succeeded.
To set the key vault type to LKM:
SecurityAdmin:switch>cryptocfg --set -keyvault LKM
Set key vault status: Operation Succeeded.
To add a member node to the encryption group:
SecurityAdmin:switch> cryptocfg --add -membernode 10:00:00:05:1e:39:14:00
Add node status: Operation Succeeded.
To eject a member node from the encryption group:
SecurityAdmin:switch>cryptocfg --eject -membernode 10:00:00:05:1e:53:b8:45
Eject node status: Operation Succeeded.
To leave the encryption group:
SecurityAdmin:switch>cryptocfg --leave_encryption_group
Leave node status: Operation Succeeded.
To generate the master key (RKM) on the group leader:
SecurityAdmin:switch>cryptocfg --genmasterkey
Master key generated. The master key should be
exported before further operations are performed.
To export the master key to the RKM key vault:
SecurityAdmin:switch>cryptocfg --exportmasterkey
Enter the passphrase: passphrase
Master key exported.
Key ID: 8f:88:45:32:8e:bf:eb:44:c4:bc:aa:2a:c1:69:94:2
To export the master key to a file:
SecurityAdmin:switch>cryptocfg --exportmasterkey -file
Enter the passphrase: passphrase
Master key file generated.
To export the master key file to an external host:
SecurityAdmin:switch>cryptocfg --export -scp -currentMK 192.168.38.245 mylogin GL_MK.mk
Password:
Operation succeeded.
To recover the master key from the key vault to the current location:
SecurityAdmin:switch>cryptocfg --recovermasterkey currentMK -keyID
bd:ae:2d:0b:b9:1a:ad:18:0d:eb:fe:c9:67:ed:29:b0