beautypg.com

Brocade Fabric OS Command Reference (Supporting Fabric OS v7.3.0) User Manual

Page 421

background image

Fabric OS Command Reference

391

53-1003131-01

fipsCfg

2

Bootprom access is enabled - FAIL

Firmwaredownload signature verification is disabled - FAIL

Secure config upload/download is disabled - FAIL

SSH DSA Keys check passed - PASS

Inband Management interface is disabled - PASS

Ipsecconfig is disabled. - PASS

Signature Algorithm used in LDAP CA certificate is not Sha256

Signature Algorithm used in Switch CA certificate is not Sha256

Signature Algorithm used in HTTPS certificate is not Sha256

Signature Algorithm used in FCAP certificate is not Sha256

Signature Algorithm used in FCAP CA certificate is not Sha256

Certificates are not FIPS compliant - FAIL

Certificates validation has passed - PASS

SSH client's ShaValue is not configured as 2 - FAIL

SSH client's MinPrime is not configured as 2048 - FAIL

SSH client's KexAlgorithms is not configured as

diffie-hellman-group-exchange-sha256 - FAIL

SSH client's ServerHostKeySize is not configured as 2048 - FAIL

SSH server's ShaValue is not configured as 2 - FAIL

SSH config is not FIPS compliant - FAIL

To enable FIPS after prerequisites have been met:

switch:admin> fipscfg --enable fips

You are enabling FIPS.

Do you want to continue? (yes, y, no, n) [no] : yes

FIPS mode has been set to : Enabled

Please reboot the system

switch:admin> fipscfg --show

FIPS mode is : Enabled

To attempt enabling FIPS when prerequisites are not met:

switch:admin> fipscfg --enable fips

SelfTests mode is not enabled.

Root account is enabled.

Authentication uses MD5 hash algorithm.

Authentication uses DH group 0.

Telnet port number <23> for the policy \

is in permit state.

HTTP port number <80> for the policy \

is in permit state.

RPC port number <898> for the policy \

is in permit state.

Telnet port number <23> for the policy \

is in permit state.

HTTP port number <80> for the policy \

is in permit state.

RPC port number <898> for the policy \

is in permit state.

SNMP is not in read only mode.

Bootprom access is enabled.

FIPS mode cannot be configured at this time

See also other documents in the category Brocade Computer Accessories: