beautypg.com

Device decommissioning – Dell POWEREDGE M1000E User Manual

Page 213

background image

Fabric OS Command Reference

181

53-1001764-02

cryptoCfg

2

Operands

The cryptoCfg transaction management function has the following operands:

--

help transcfg

Displays the synopsis for the transaction management function.

--

commit

Commits the transaction. This command saves the defined configuration to
nonvolatile storage. Changes are persistent across reboots and power cycles.
This command overwrites existing configuration parameters and therefore
prompts for confirmation. This command is permitted only when the
encryption group is in a converged state.

The following operand is optional:

-force

Commits the transaction without confirmation.

--

transabort transaction_ID

Aborts a pending database transaction for any device configurations invoked
earlier through the CLI or DCFM interfaces. The following operand is required:

transaction_ID Specifies the ID of the transaction to be aborted. Use --transshow to

determine the currently pending transaction ID.

--

transshow

Displays the pending database transaction for any device configurations
invoked earlier through the CLI or DCFM interfaces. The command displays
the transaction status (completed or pending), the transaction ID, and the
transaction owner (CLI or DCFM)

Function

6. Device decommissioning

Synopsis

cryptocfg --help -decommission

cryptocfg --decommission -container container_name -initiator initiatator _PWWN -LUN LUN_num

cryptocfg --delete -decommissionedkeyids

cryptocfg --show -decommissionedkeyids

cryptocfg --show -vendorspecifickeyid key_ID

Description

Use these cryptoCfg commands to decommission a disk LUN in the event that the storage device is
to be reprovisioned, retired, or returned to the vendor. The decommission function renders all data
on the disk media inaccessible before decommissioning the device.

Device decommissioning deletes or renders invalid all important information including keys stored
in the key vault, on the chip, and from the various internal caches, and it erases the metadata on
the media to ensure that the data on the decommissioned device is irrecoverable.

The following restrictions apply to device decommissioning:

Devices not encrypted on the Brocade Encryption platform or devices in cleartext cannot be
decommissioned with this command.

All nodes in the encryption group must run Fabric OS v6.4.0 or later.

Device decommissioning does not work across a reboot. Rebooting terminates an ongoing
decommissioning process and the command must be reissued after completing the reboot.

Device decommissioning is supported only with the LKM and RKM key vaults.

Decommissioning of tape devices or snap drive volumes is currently no supported.

Decommissioning does not automatically delete the keys. You must manually delete the keys
from the key vault to complete the operation.

See also other documents in the category Dell Computer Accessories: