Brocade Fabric OS Command Reference - Supporting Fabric OS v7.0.1 (53-1002447-01, March 2012)
Fabric OS Command Reference 177
53-1001764-01
cryptoCfg
2
To recover the master key from the key vault to the current location:
SecurityAdmin:switch> cryptocfg --recovermasterkey currentMK -keyID \
bd:ae:2d:0b:b9:1a:ad:18:0d:eb:fe:c9:67:ed:29:b0
Enter the passphrase: passphrase
Recover master key status: Operation succeeded.
To display the saved key IDs associated with a repeatedly exported master key
SecurityAdmin:switch> cryptocfg --show \
-mkexported_keyids e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:93
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:94
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:95
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:96
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:97
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:98
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:99
Operation Succeeded.
To display the encryption group configuration:
SecurityAdmin:switch> cryptocfg --show -groupcfg
Encryption Group Name: system_test
Failback mode: Auto
Replication mode: Disabled
Heartbeat misses: 3
Heartbeat timeout: 2
Key Vault Type: LKM
System Card: Disabled
Primary Key Vault:
IP address: 10.32.49.200
Certificate ID: 3D2-LKM3-B05-200
Certificate label: LKM200
State: Connected
Type: LKM
Secondary Key Vault:
IP address: 10.32.49.201
Certificate ID: 3D2-LKM4-B05-201
Certificate label: LKM201
State: Connected
Type: LKM
Additional Primary Key Vault Information::
Key Vault/CA Certificate Validity: Yes
Port for Key Vault Connection: 32579
Time of Day on Key Server: N/A
Server SDK Version: N/A
Additional Secondary Key Vault Information:
Key Vault/CA Certificate Validity: Yes
Port for Key Vault Connection: 32579
Time of Day on Key Server: N/A
Server SDK Version: N/A
Encryption Node (Key Vault Client) Information:
Node KAC Certificate Validity: Yes