beautypg.com

HP Secure Key Manager User Manual

Page 296

background image

show fips server

Related com-
mand(s)

reset factory settings zeroize

– zeroize all keys and passwords on the device.

NOTE:

For security purposes, this command can only be run from the CLI at the console.
You cannot execute this command remotely via the CLI over SSH or from the
Management Console.

hostname#

reset factory settings zeroize

Syntax

reset factory settings

Related com-
mand(s)

security settings

– change the status of security-related functionality on the SKM.

This functionality must be disabled for FIPS compliance. These settings are automatically configured when you
select Set FIPS Compliance in the FIPS Compliance section.

IMPORTANT:

When you enable FIPS compliance on the SKM, the functionality displayed here is disabled. Modifying
any of the items in the High Security Settings section immediately takes the device out of FIPS compliance.
This section should be used to

review the key and device security functionality that has been disabled

for full FIPS compliance. When the device is FIPS-compliant, do not alter these settings.

IMPORTANT:

According to FIPS requirements, you cannot enable or disable FIPS when there are keys on the SKM.
You must

manually delete all keys before enabling and disabling FIPS compliance. Keys are zeroized

upon deletion.

We strongly recommend that you back up your keys before deleting.

For more information, see

Using advanced security features

.

hostname#

security settings

Disable Creation and Use of Global Keys [y]:

Disable Non-FIPS Algorithms and Key Sizes [y]:

Disable RSA Encryption and Decryption [y]:

Disable FTP for Certificate Import, Backup, and Restore [y]:

Disable Certificate Import through Serial Console Paste [y]:

Disable Hotswappable RAID Drives [y]:

Syntax

show security settings

Related com-
mand(s)

show security settings

– view the status of security-related functionality on the SKM.

NOTE:

This functionality must be disabled for FIPS compliance. These settings are automatically configured
when you select Set FIPS Compliance in the FIPS Compliance section. For more information, see

Using

advanced security features

.

Using the Command Line Interface

296

See also other documents in the category HP Storage: