Fabric OS Encryption Administrator's Guide v6.4.0 (53-1001864-01, June 2010)
182 Fabric OS Encryption Administrator’s Guide
53-1001864-01
Encryption group and HA cluster maintenance
6
SecurityAdmin:switch>cryptocfg --show -groupmember \
10:00:00:05:1e:41:99:bc
Node Name: 10:00:00:05:1e:41:99:bc (current node)
State: DEF_NODE_STATE_DISCOVERED
Role: MemberNode
IP Address: 10.32.33.145
Certificate: 10.32.33.145_my_cp_cert.pem
Current Master Key State: Saved
Current Master KeyID:
b8:2a:a2:4f:c8:fd:12:e2:a9:25:d9:5b:58:2c:96:7e
Alternate Master Key State: Not configured
Alternate Master KeyID:
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
EE Slot: 0
SP state: Online
Current Master KeyID:
b8:2a:a2:4f:c8:fd:12:e2:a9:25:d9:5b:58:2c:96:7e
Alternate Master KeyID:
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
No HA cluster membership
a. If the node is in the DISCOVERED State and the security processor (SP) state is online as
shown, and you wish to remove the node from the encryption group permanently, proceed
to step 4.
b. If the node is not in the DISCOVERED State, and you wish to remove the node from the
encryption group permanently, de-register the node. Log into the group leader and enter
the cryptocfg
--dereg -membernode command followed by the node WWN.
SecurityAdmin:switch>cryptocfg --dereg -membernode 10:00:00:05:1e:41:99:bc
Operation succeeded.
4. Perform one of the following steps to remove the member node from the encryption group.
a. Log into the member node and enter the
cryptocfg --leave_encryption_group command.
This command clears all node states pertaining to group membership.
SecurityAdmin:switch>cryptocfg --leave_encryption_group
Leave node status: Operation Succeeded.
b. On the group leader, enter the cryptocfg --eject -membernode command followed by the
node WWN. This command removes the node from the encryption group.
SecurityAdmin:switch>cryptocfg --eject -membernode 10:00:00:05:1e:41:99:bc
Eject node status: Operation Succeeded.