Dell POWEREDGE M1000E User Manual
Page 215
Fabric OS Command Reference
187
53-1002746-01
cryptoCfg
2
--set -quorumsize
Sets the quorum size used to authenticate functions that require a quorum of
authentication cards. The default value is zero. You can set the quorum size only if
the current value is zero. Note that this value is different from the recovery set size
that specifies the number of recovery shares used to perform Master Key
recovery. When quorum authentication is enabled (Quorum Size is > 0), this
operation requires authentication of a quorum of authentication cards.
value
Specifies the quorum size. Valid values are 0 (quorum authentication is disabled)
and 1 through 5 (quorum authentication is enabled). This operand is required.
--set -systemcard> enable | disable
Enables or disables the system card usage policy. When the policy is enabled, a
system card is required to be inserted in an encryption engine to enable
encryption after a power-cycle event. When quorum authentication is enabled
(Quorum Size is > 0), this operation requires authentication of a quorum of
authentication cards. The policy is disabled by default. This command must be
executed on the group leader.
--set -replication enable | disable
Enables or disables replication-specific features. You must enable replication
before you can use replication-specific features such as the -newLUN,
-include_mirror, or the --refreshDEK command. Replication is disabled by
default; it must be enabled on the group leader. This command is supported only
for the DPM key vault.
--add -membernode
Adds the specified member node to the existing encryption group. The member
node is specified by its node WWN. This command is valid only on the group
leader. Initial setup on the node must be performed prior to adding the node to an
encryption group.
This command is required only when a node that was earlier part of encryption
group (online and DISCOVERED) was ejected or left the encryption group and is
now added back to that encryption group. A member node that is online during
registration is added automatically to the encryption group. The following operand
is required:
node_WWN
Specifies the WWN of the node to be added back to the encryption group.
--eject -membernode
Removes a member node from the existing encryption group. The node is
specified by its node WWN. This command is valid only on the group leader. The
node must be online (in DISCOVERED state) for this command to succeed. To
remove a node that is not online (in DISCOVERING State), use the --dereg
-membernode command. You must remove the EEs from the HA cluster and
delete any Crypto Target container/LUN configurations from this node before
ejecting the node or the command fails. The following operand is required when
ejecting a member node:
node_WWN
Specifies the node WWN of the node to be removed from the encryption group.
--leave_encryption_group
Clears the node's states pertaining to the node's membership in the encryption
group. This command is invoked from the member node that is to be ejected from
the encryption group.