Brocade Fabric OS Command Reference Manual Supporting Fabric OS v7.0.0 (April 2011)
Fabric OS Command Reference 173
53-1001764-01
cryptoCfg
22
To register a NetApp LKM appliance as the primary key vault "LKM1":
SecurityAdmin:switch> cryptocfg --reg -regkeyvault \
LKM1 lkmcert.pem 10.33.54.231 primary decru-lkm-1
Register key vault status: Operation Succeeded.
To set the key vault type to LKM:
SecurityAdmin:switch> cryptocfg --set -keyvault LKM
Set key vault status: Operation Succeeded.
To add a member node to the encryption group:
SecurityAdmin:switch> cryptocfg --add -membernode \
10:00:00:05:1e:39:14:00
Add node status: Operation Succeeded.
To eject a member node from the encryption group:
SecurityAdmin:switch> cryptocfg --eject -membernode \
10:00:00:05:1e:53:b8:45
Eject node status: Operation Succeeded.
To leave the encryption group:
SecurityAdmin:switch> cryptocfg --leave_encryption_group
Leave node status: Operation Succeeded.
To generate the master key (RKM) on the group leader:
SecurityAdmin:switch> cryptocfg --genmasterkey
Master key generated. The master key should be
exported before further operations are performed.
To export the master key to the RKM key vault:
SecurityAdmin:switch> cryptocfg --exportmasterkey
Enter the passphrase: **********
Confirm passphrase:**********
Master key exported.
Master Key ID: 4b:ed:4e:9a:7c:8b:c6:02:45:f8:c1:69:79:ab:b2:2f
Exported Key ID: 4b:ed:4e:9a:7c:8b:c6:02:45:f8:c1:69:79:ab:b2:30
Master key exported.
To export the master key to a file:
SecurityAdmin:switch> cryptocfg --exportmasterkey -file
Enter the passphrase: **********
Master key file generated.
To export the master key file to an external host:
SecurityAdmin:switch> cryptocfg --export -scp \
-currentMK 192.168.38.245 mylogin GL_MK.mk
Password:*************
Operation succeeded.