Node configuration – Dell POWEREDGE M1000E User Manual
Page 177
Fabric OS Command Reference
145
53-1001764-02
cryptoCfg
2
Function
1. Node configuration
Synopsis
cryptocfg --help -nodecfg
cryptocfg --initnode
cryptocfg --initEE [slot]
cryptocfg --regEE [slot]
cryptocfg --enableEE [slot]
cryptocfg --disableEE [slot]
cryptocfg --export -scp -dhchallenge vault_IP_address | -currentMK | -KACcert |-KACcsr| -CPcert]
host_IP host_username host_file_path
cryptocfg --export -usb -dhchallenge vault_IP_address | -currentMK | -KACcert | -KACcsr |-CPcert
dest_filename
cryptocfg --import -scp local_name host_IP host_username host_file_path
cryptocfg --import -usb dest_filename source_filename
cryptocfg --reg -membernode member_node_WWN member_node_certfile
Member_node_IP_addr
cryptocfg --dereg -membernode member_node_WWN
cryptocfg --dhchallenge vault_IP_addr
cryptocfg --dhresponse vault_IP_addr
cryptocfg --zeroizeEE [slot]
cryptocfg --delete -file local_name
cryptocfg --reg -KAClogin primary | secondary
cryptocfg --show -file -all
cryptocfg --show -localEE
cryptocfg --rebalance [slot]
Description
Use the node configuration commands to perform node initialization and configuration tasks. Node
initialization and configuration must be performed on every node. A node is an encryption switch or
a chassis containing one or more encryption blades. A node is identified by the switch IP address or
switch WWN, which is subsequently referred to as the "node WWN." The node configuration
commands include the following functions:
•
Node initialization and certificate generation.
•
Certificate export and import to and from a specified host or USB device.
•
Enabling or disabling an encryption engine (EE).
•
Encryption group member node and group leader registration.
•
Group-wide policy configuration.
•
Zeroization of all critical security parameters on the local encryption switch or blade.
•
Certificate display and management.
•
Display of the local encryption engine status.
•
Rebalancing of disk and tape LUNS for optimized performance.