Brocade Fabric OS Command Reference - Supporting Fabric OS v7.0.1 (53-1002447-01, March 2012)
176 Fabric OS Command Reference
53-1001764-01
cryptoCfg
22
To register a NetApp LKM appliance as the primary key vault "LKM1":
SecurityAdmin:switch> cryptocfg --reg -regkeyvault \
LKM1 lkmcert.pem 10.33.54.231 primary decru-lkm-1
Register key vault status: Operation Succeeded.
To set the key vault type to LKM:
SecurityAdmin:switch> cryptocfg --set -keyvault LKM
Set key vault status: Operation Succeeded.
To add a member node to the encryption group:
SecurityAdmin:switch> cryptocfg --add -membernode \
10:00:00:05:1e:39:14:00
Add node status: Operation Succeeded.
To eject a member node from the encryption group:
SecurityAdmin:switch> cryptocfg --eject -membernode \
10:00:00:05:1e:53:b8:45
Eject node status: Operation Succeeded.
To leave the encryption group:
SecurityAdmin:switch> cryptocfg --leave_encryption_group
Leave node status: Operation Succeeded.
To generate the master key (RKM) on the group leader:
SecurityAdmin:switch> cryptocfg --genmasterkey
Master key generated. The master key should be
exported before further operations are performed.
To export the master key to the RKM key vault:
SecurityAdmin:switch> cryptocfg --exportmasterkey
Enter passphrase: **********
Confirm passphrase:**********
Master key exported.
Master Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:55
Exported Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:56
Master key exported.
To export the master key to a file:
SecurityAdmin:switch> cryptocfg --exportmasterkey -file
Enter the passphrase: **********
Master key file generated.
To export the master key file to an external host:
SecurityAdmin:switch> cryptocfg --export -scp \
-currentMK 192.168.38.245 mylogin GL_MK.mk
Password:*************
Operation succeeded.