Brocade Fabric OS Command Reference Manual - Supporting Fabric OS v5.3.0 (53-1000436-01, June 2007)

ManualsBrandsHP ManualsStorageHP StorageWorks 4/32B SAN Switch Power Pack

581

582

583

584

585

586

587

588

589

590

554 Fabric OS Command Reference Manual

53-1000436-01

secAuthSecret

Manages the DH-CHAP shared secret key information.

Synopsis secauthsecret [--show] [--set] [--remove value | --all]

Description Use this command to manage the DH-CHAP shared secret key database used for authentication.

This command displays, sets, and removes shared secret key information from the database or

deletes the entire database. If you are performing set or remove operations, when the command is

completed new data is saved persistently. New data is effective with the next authentication

request. The configuration applies to a switch instance only.

A Brocade Security license is required to run this command in non-secure as well as secure mode.

Operands This command has the following operands:

--show Lists the WWNs for which shared secret is configured.

--set Sets shared secrets with a WWN. NOTE: when setting secrets for an entry of

an EX_Port type, the wwn of the entry must be specified.

--remove [wwn | domain | swname]

Removes the specified WWN entry from the database. If a domain name is

specified, it is converted to a WWN and then the entry is removed. If no option

is specified, command is interactive.

--remove --all Deletes the entire secret key database.

When setting secrets for an entry of an EX_Port type, the WWN of the entry must be specified.

When removing an entry of an EX_Port type, the WWN of the entry must be specified.

Examples To list the shared secret WWN:

switch:admin> secauthsecret --show

WWN DId Name

-----------------------------------------------

10:00:00:60:69:80:5b:e8 1 switch

To set the shared secret:

switch:admin>secAuthSecret --set

This command sets up secret keys for the DH-CHAP authentication.

The minimum length of a secret key is 8 characters and maximum 40

characters. Setting up secret keys does not initiate DH-CHAP

authentication. If switch is configured to do DH-CHAP, it is performed

whenever a port or a switch is enabled.

Warning: Please use a secure channel for setting secrets. Using

an insecure channel is not safe and may compromise secrets.

Following inputs should be specified for each entry.

1. WWN for which secret is being set up.

2. Peer secret: The secret of the peer that authenticates to peer.

(continued on next page)