beautypg.com

Dell POWEREDGE M1000E User Manual

Page 219

background image

Fabric OS Command Reference

191

53-1002746-01

cryptoCfg

2

To generate the master key (DPM) on the group leader:

SecurityAdmin:switch> cryptocfg --genmasterkey
Master key generated. The master key should be
exported before further operations are performed.

To export the master key to the DPM key vault:

SecurityAdmin:switch> cryptocfg --exportmasterkey
Enter passphrase: **********

Confirm passphrase:**********
Master key exported.
Master Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:55
Exported Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:56
Master key exported.

To export the master key to a file:

SecurityAdmin:switch> cryptocfg --exportmasterkey -file
Enter the passphrase: **********
Master key file generated.

To export the master key file to an external host:

SecurityAdmin:switch> cryptocfg --export -scp \
-currentMK 192.168.38.245 mylogin GL_MK.mk
Password:*************
Operation succeeded.

To recover the master key from the key vault to the current location:

SecurityAdmin:switch> cryptocfg --recovermasterkey currentMK -keyID \
bd:ae:2d:0b:b9:1a:ad:18:0d:eb:fe:c9:67:ed:29:b0
Enter the passphrase: passphrase
Recover master key status: Operation succeeded.

To display the saved key IDs associated with a repeatedly exported master key

SecurityAdmin:switch> cryptocfg --show \
-mkexported_keyids e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:92
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:93
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:94
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:95
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:96
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:97
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:98
e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:99
Operation Succeeded.

To display the encryption group configuration:

SecurityAdmin:switch> cryptocfg --show -groupcfg
Encryption Group Name: system_test
Failback mode: Auto
Replication mode: Disabled
Heartbeat misses: 3
Heartbeat timeout: 2
Key Vault Type: LKM
System Card: Disabled