Cryptocfg – Dell POWEREDGE M1000E User Manual
Page 198
170
Fabric OS Command Reference
53-1002746-01
cryptoCfg
2
cryptoCfg
Performs encryption configuration and management functions.
SYNOPSIS
cryptocfg --help -nodecfg
cryptocfg --help -groupcfg
cryptocfg --help -hacluster
cryptocfg --help -devicecfg
cryptocfg --help -transcfg
cryptocfg --help -decommission
DESCRIPTION
Use the cryptoCfg command to configure and manage the Brocade Encryption Switch and the FS8-18
encryption blade. These platforms support the encryption of data-at-rest for tape devices and disk array
logical unit numbers (LUNs).
The cryptoCfg CLI consists of eight command sets grouped around the following configuration
functions:
1.
Node configuration
2.
Encryption group configuration
3.
High Availability (HA) cluster configuration
4.
Storage device configuration and management
5.
Transaction management
6.
Device decommissioning
Each of these command groups is documented in a separate section that includes function, synopsis,
description, and operands. Examples are presented at the end of the help page.
For detailed encryption switch management and configuration procedures, refer to the Fabric OS
Encryption Administrator's Guide.
NOTES
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
CAUTION: When configuring a LUN with multiple paths, there is a considerable risk of ending up
with potentially catastrophic scenarios where different policies exist for each path of the LUN, or
a situation where one path ends up being exposed through the encryption switch and other path
has direct access to the device from a host outside the secured realm of the encryption platform.
To protect against this risk, it is necessary to configure containers IN SEQUENCE and with the
same policies and not issue a commit until the configuration for all hosts accessing the LUN is
complete. Failure to follow correct configuration procedures for multi-path LUNs results in data
corruption. If you are configuring multi-path LUNs as part of an HA cluster or DEK cluster or as a
standalone LUN accessed by multiple hosts, follow the instructions described in the section
"Configuring a multi-path Crypto LUN" in the Fabric OS Encryption Administrator's Guide.
FUNCTION
1. Node configuration
SYNOPSIS
cryptocfg --help -nodecfg