Brocade Fabric OS Command Reference Manual Supporting Fabric OS v6.3.0 (53-1001337-01, July 2009)

fipsCfg
--force fips
    Enables FIPS mode even if prerequisites are not met, except under the
    following two conditions:
    1. In a dual-CP system, if HA is not in sync between the two CPs.
    2. If selftests is in a disabled state.
--verify fips
    Scans the prerequisites for enabling FIPS and prints the failure and
    success cases.
--disable | --enable bootprom
    Disables or enables the Boot Programmable Read-Only Memory (Boot PROM)
    on the switch. Boot PROM access is blocked in FIPS mode. Disabling Boot
    PROM requires root permission. Enabling Boot PROM does not require root
    permission.
--help
    Prints command usage.
Examples

To display the current FIPS configuration:
switch:admin> fipscfg --show
FIPS mode is : Disabled
FIPS Selftests mode/status is : Disabled/None
To enable selftests:
switch:admin> fipscfg --enable selftests
FIPS Selftests mode/status has been set to : Enabled/None
To verify FIPS prerequisites:
switch:admin> fipscfg --verify fips
Standby firmware supports FIPS
SELF tests check has passed
Root account is enabled.
Radius check has passed
Authentication check has passed
SNMP is in read only mode.
Bootprom access is disabled.
Firmwaredownload signature verification is enabled.
cfgload.secure parameter value is 1.
To attempt enabling FIPS when prerequisites are not met:
switch:admin> fipscfg --enable fips
SelfTests mode is not enabled.
Root account is enabled.
Authentication uses MD5 hash algorithm.
Authentication uses DH group 0.
Telnet port number <23> for the policy <default_ipv4> is in permit state.
HTTP port number <80> for the policy <default_ipv4> is in permit state.
RPC port number <898> for the policy <default_ipv4> is in permit state.
Telnet port number <23> for the policy <default_ipv6> is in permit state.
HTTP port number <80> for the policy <default_ipv6> is in permit state.
RPC port number <898> for the policy <default_ipv6> is in permit state.
SNMP is not in read only mode.
Bootprom access is enabled.
FIPS mode cannot be configured at this time
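
The following Python script is an added example, not part of the Brocade manual. It sorts captured fipscfg output into unmet and met prerequisites for a compliance report, and keeps any line it does not recognise separate instead of counting it as met. The function name audit and the rule that every line of the failed-enable sample counts as unmet are assumptions.

```python
import re

# Message strings are those in this page's sample outputs. Counting every line
# of the failed "--enable fips" sample as an unmet prerequisite is an assumption.
FAIL = {"SelfTests mode is not enabled.", "Root account is enabled.",
        "Authentication uses MD5 hash algorithm.", "Authentication uses DH group 0.",
        "SNMP is not in read only mode.", "Bootprom access is enabled."}
PASS = {"Standby firmware supports FIPS", "SELF tests check has passed",
        "Radius check has passed", "Authentication check has passed",
        "SNMP is in read only mode.", "Bootprom access is disabled.",
        "Firmwaredownload signature verification is enabled.",
        "cfgload.secure parameter value is 1."}
PORT = re.compile(r"(\w+) port number <(\d+)> for the policy <(\w+)> is in permit state\.")
BLOCKED = "FIPS mode cannot be configured at this time"

def audit(output):
    """Sort captured fipscfg output into unmet, met and unrecognised lines."""
    result = {"unmet": [], "met": [], "unknown": [], "blocked": False}
    for raw in output.splitlines():
        line = raw.strip()
        if not line or "admin>" in line:      # blank line or echoed prompt
            continue
        port = PORT.fullmatch(line)
        if port:
            result["unmet"].append("%s/%s permitted by %s" % port.groups())
        elif line in FAIL:
            result["unmet"].append(line)
        elif line in PASS:
            result["met"].append(line)
        elif line == BLOCKED:
            result["blocked"] = True
        else:
            result["unknown"].append(line)    # never count an unrecognised line as met
    return result

# Abridged from the failed-enable example on this page.
SAMPLE = """switch:admin> fipscfg --enable fips
SelfTests mode is not enabled.
Authentication uses MD5 hash algorithm.
Telnet port number <23> for the policy <default_ipv4> is in permit state.
HTTP port number <80> for the policy <default_ipv6> is in permit state.
SNMP is not in read only mode.
FIPS mode cannot be configured at this time
"""

if __name__ == "__main__":
    report = audit(SAMPLE)
    print("\n".join("UNMET: " + item for item in report["unmet"]))
    print("blocked:", report["blocked"], "unrecognised:", report["unknown"])
```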