Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Table Of Contents
- Contents
- About This Document
- Using Fabric OS Commands
- Fabric OS Commands
- aaaConfig
- ad
- ag
- agshow
- aliAdd
- aliCreate
- aliDelete
- aliRemove
- aliShow
- aptPolicy
- auditCfg
- authUtil
- bannerSet
- bannerShow
- bcastShow
- bladeBeacon
- bladeDisable
- bladeEnable
- burninErrClear
- burninErrShow
- burninLevel
- burninStatus
- cfgActvShow
- cfgAdd
- cfgClear
- cfgCreate
- cfgDelete
- cfgDisable
- cfgEnable
- cfgMcdtmode
- cfgRemove
- cfgSave
- cfgSaveActiveToDefined
- cfgShow
- cfgSize
- cfgTransAbort
- cfgTransShow
- chassisConfig
- chassisName
- chassisShow
- cliHistory
- configDefault
- configDownload
- configList
- configRemove
- configShow
- configUpload
- configure
- dataTypeShow
- date
- dbgShow
- defZone
- diagClearError
- diagDisablePost
- diagEnablePost
- diagHelp
- diagPost
- diagRetry
- diagSetBurnin
- diagSetCycle
- diagShow
- diagSkipTests
- diagStopBurnin
- dbgShow
- distribute
- dlsReset
- dlsSet
- dlsShow
- dnsConfig
- enclosureShow
- errClear
- errDelimiterSet
- errDump
- errFilterSet
- errModuleShow
- errShow
- exit
- fabPortShow
- fabRetryShow
- fabricLog
- fabricPrincipal
- fabricShow
- fabStatsShow
- fabSwitchShow
- fanDisable
- fanEnable
- fanShow
- fastboot
- fastwritecfg
- fcipChipTest
- fcipHelp
- fcipPathTest
- fcLunQuery
- fcPing
- fcpLogClear
- fcpLogDisable
- fcpLogEnable
- fcpLogShow
- fcpProbeShow
- fcpRlsShow
- fcrBcastConfig
- fcrChipTest
- fcrConfigure
- fcrFabricShow
- fcrLsanCount
- fcrLsanMatrix
- fcrPathTest
- fcrPhyDevShow
- fcrProxyConfig
- fcrProxyDevShow
- fcrResourceShow
- fcrRouterPortCost
- fcrRouteShow
- fcrXlateConfig
- fddCfg
- fdmiCacheShow
- fdmiShow
- ficonClear
- ficonCupSet
- ficonCupShow
- ficonHelp
- ficonShow
- fipsCfg
- firmwareCommit
- firmwareDownload
- firmwareDownloadStatus
- firmwareKeyShow
- firmwareKeyUpdate
- firmwareRestore
- firmwareShow
- fosConfig
- fruReplace
- fspfShow
- fwAlarmsFilterSet
- fwAlarmsFilterShow
- fwClassInit
- fwConfigReload
- fwConfigure
- fwFruCfg
- fwHelp
- fwMailCfg
- fwPortDetailShow
- fwSamShow
- fwSet
- fwSetToCustom
- fwSetToDefault
- fwShow
- h
- haDisable
- haDump
- haEnable
- haFailover
- haShow
- haSyncStart
- haSyncStop
- help
- historyLastShow
- historyMode
- historyShow
- httpCfgShow
- i
- iclCfg
- ifModeSet
- ifModeShow
- interfaceShow
- interopMode
- iodDelayReset
- iodDelaySet
- iodDelayShow
- iodReset
- iodSet
- iodShow
- ipAddrSet
- ipAddrShow
- ipfilter
- iscsiCfg
- iscsiChipTest
- iscsiHelp
- iscsiPathTest
- iscsiPortCfg
- iscsiSessionCfg
- iscsiSwCfg
- islShow
- isnscCfg
- itemList
- killTelnet
- ldapCfg
- licenseAdd
- licenseHelp
- licenseIdShow
- licensePort
- licenseRemove
- licenseShow
- linkCost
- login
- logout
- lsanZoneShow
- lsDbShow
- memShow
- miniCycle
- msCapabilityShow
- msConfigure
- msPlatShow
- msPlatShowDBCB
- msPlClearDB
- msPlMgmtActivate
- msPlMgmtDeactivate
- msTdDisable
- msTdEnable
- msTdReadConfig
- myId
- nbrStateShow
- nbrStatsClear
- nodeFind
- nsAliasShow
- nsAllShow
- nsCamShow
- nsShow
- nsZoneMember
- passwd
- passwdCfg
- pathInfo
- pdShow
- perfAddEEMonitor
- perfAddIPMonitor
- perfAddReadMonitor
- perfAddRWMonitor
- perfAddSCSIMonitor
- perfAddUserMonitor
- perfAddWriteMonitor
- perfCfgClear
- perfCfgRestore
- perfCfgSave
- perfClearAlpaCrc
- perfDelEEMonitor
- perfDelFilterMonitor
- perfHelp
- perfMonitorClear
- perfMonitorShow
- perfSetPortEEMask
- perfShowAlpaCrc
- perfShowPortEEMask
- perfTTmon
- pkiCreate
- pkiRemove
- pkiShow
- policy
- portAlpaShow
- portBufferShow
- portCamShow
- portCfg
- portCfgAlpa
- portCfgCreditRecovery
- portCfgDefault
- portCfgEPort
- portCfgEXPort
- portCfgGPort
- portCfgISLMode
- portCfgLongDistance
- portCfgLPort
- portCfgNPIVPort
- portCfgNPort
- portCfgPersistentDisable
- portCfgPersistentEnable
- PortCfgQos
- portCfgShow
- portCfgSpeed
- portCfgTrunkPort
- portCfgVEXPort
- portCmd
- portDebug
- portDisable
- portEnable
- portErrShow
- portFlagsShow
- portLedTest
- portLogClear
- portLogConfigShow
- portLogDisable
- portLogDump
- portLogDumpPort
- portLogEnable
- portLogEventShow
- portLoginShow
- portLogPdisc
- portLogReset
- portLogResize
- portLogShow
- portLogShowPort
- portLogTypeDisable
- portLogTypeEnable
- portLoopbackTest
- portMirror
- portName
- portPerfShow
- portRouteShow
- portShow
- portStats64Show
- portStatsClear
- portStatsShow
- portSwap
- portSwapDisable
- portSwapEnable
- portSwapShow
- portTest
- portTestShow
- portTrunkArea
- portZoneShow
- powerOffListSet
- powerOffListShow
- psShow
- reboot
- routeHelp
- secActiveSize
- secAuthSecret
- secCertUtil
- secDefineSize
- secGlobalShow
- secHelp
- secPolicyAbort
- secPolicyActivate
- secPolicyAdd
- secPolicyCreate
- secPolicyDelete
- secPolicyDump
- secPolicyFCSMove
- secPolicyRemove
- secPolicySave
- secPolicyShow
- secStatsReset
- secStatsShow
- sensorShow
- setDbg
- setModem
- setVerbose
- sfpShow
- shellFlowControlDisable
- shellFlowControlEnable
- slotPowerOff
- slotPowerOn
- slotShow
- snmpConfig
- spinFab
- sshUtil
- statsClear
- stopPortTest
- supportFfdc
- supportFtp
- supportSave
- supportShow
- supportShowCfgDisable
- supportShowCfgEnable
- supportShowCfgShow
- switchBeacon
- switchCfgPersistentDisable
- switchCfgPersistentEnable
- switchCfgSpeed
- switchCfgTrunk
- switchDisable
- switchEnable
- switchName
- switchShow
- switchStatusPolicySet
- switchStatusPolicyShow
- switchStatusShow
- switchUptime
- switchViolation
- syslogdFacility
- syslogdIpAdd
- syslogdIpRemove
- syslogdIpShow
- sysShutDown
- systemVerification
- tempShow
- timeOut
- topologyShow
- traceDump
- trackChangesHelp
- trackChangesSet
- trackChangesShow
- trunkDebug
- trunkShow
- tsClockServer
- tsTimeZone
- turboRamTest
- upTime
- uRouteConfig
- uRouteRemove
- uRouteShow
- usbStorage
- userConfig
- userRename
- version
- wwn
- zone
- zoneAdd
- zoneCreate
- zoneDelete
- zoneHelp
- zoneObjectCopy
- zoneObjectExpunge
- zoneObjectRename
- zoneRemove
- zoneShow
- Primary FCS commands
- Control Processor Commands
- Command availability
- Index
40 Fabric OS Command Reference
53-1000599-02
authUtil
2
authUtil
Displays and sets the authentication configuration.
Synopsis authutil
authutil --show
authutil --set option value
authutil --policy -sw option | -dev option
authutil --authinit [slotnumber]/portnumber[, [slotnumber/]portnumber...] | allE
Description Use this command to display and set local switch authentication parameters.
Use --set to change authentication parameters such as protocol, Diffie-Hellman group (DH group),
or hash type. When no protocol is set, the default setting of “FCAP, DH- CHAP” is used. When no
group is set, the default setting of “*” (meaning “0,1,2,3,4”) is used. Configuration settings are
saved persistently across reboots. Configuration changes take effect during the next authentication
request.
Use --show to display the current authentication configuration. Use portShow to display the
authentication type and associated parameters, if applicable, used on the port.
Note The execution of this command is subject to Admin Domain restrictions that may be in place. Refer
to chapter 1, "Understanding Admin Domain Restrictions" and Appendix A, "Command Availability"
for details.
Operands When invoked without operands, this command displays the usage. The following operands are
supported:
--show Displays local authentication configuration.
--set value Modifies the authentication configuration. Valid options and their values are:
-a fcap |dhchap | all
Sets the authentication protocol. Specify “fcap” to set only FCAP
authentication, “dhchap” to set only DH-CHAP authentication. Specify “all” to
set both FCAP and DH-CHAP, which is the default setting. When
authentication is set to “all”, the implicit order is FCAP followed by DH-CHAP.
This means that in authentication negotiation, FCAP is given priority over
DH-CHAP on the local switch.
-g 0|1|2|3|4|*
Sets the Diffie-Hellman (DH) group. Valid values are 0 to 4 and “*”. The DH
group 0 is called NULL DH. Each DH group implicitly specifies a key size and
associated parameters. Higher group value provides stronger cryptography
and a higher level of security. When DH group is set to a specified value, only
that DH group is enabled. Specifying “*” enables all DH groups 0, 1, 2, 3, and
4, in that order. This means that in authentication negotiation, the NULL DH
group s given priority over all other groups.
-h sha1 | md5 | all