Brocade Secure Fabric OS Administrator's Guide (53-1000244-01, November 2006)
Secure Fabric OS Administrator’s Guide 2-23
Publication Number: 53-1000244-01
2
Selecting Authentication Protocols
Use the authUtil command to:
• Display the current authentication parameters
• Select the authentication protocol used between switches
• Select the Diffie-Hellman (DH) group for a switch
Authentication is performed only when secure mode is enabled, but you can run the authUtil command
either while secure mode is enabled or not. Run the command on the switch you want to view or
change.
This section illustrates using the authUtil command to display the current authentication parameters
and to set the authentication protocol to DH-CHAP. See the Fabric OS Command Reference for more
details on the authUtil command.
To view the current authentication parameter settings for a switch
1. Log in to the switch as admin.
2. On a switch running Fabric OS v4.4.0, v5.0.1, v5.1.0, or v5.2.0, type authUtil --show; on a switch
running Fabric OS v3.2.0, type authUtil "--show".
Output similar to the following displays:
To set the authentication protocol used by the switch to DH-CHAP
1. Log in to the switch as admin
2. On a switch running Fabric OS v4.x or v5.x, type authUtil --set -a dhchap; on a switch running
Fabric OS v3.x, type authUtil "--set -a dhchap".
Output similar to the following displays:
When using DH-CHAP, make sure that you configure the switches at both ends of a link.
AUTH TYPE HASH TYPE GROUP TYPE
--------------------------------------
fcap,dhchap sha1,md5 0,1,2,3,4
Authentication is set to dhchap.
N
ote
If you set the authentication protocol to DH-CHAP, have not yet configured shared
secrets, and authentication is checked (for example, you enable the switch), switch
authentication fails.