Dell POWEREDGE M1000E User Manual
Page 360
328
Fabric OS Command Reference
53-1001764-02
fipsCfg
2
--
show |--showall
Displays the current FIPS configuration.
--
force fips
This option enables FIPS mode even if prerequisites are not met, except
under the following two conditions:
1. In a dual-CP system if HA is not in sync between the two CPs.
2. If selftests is in a disabled state.
--
verify fips
Scans the prerequisites for enabling FIPS and print the failure/success
cases.
--
disable | --enable bootprom
Disables or enables the Boot Programmable Read-Only Memory (Boot PROM)
on the switch. Boot PROM access is blocked in FIPS mode. Disabling Boot
PROM requires root permission. Enabling Boot PROM does not require root
permission.
--
help
Prints command usage.
Examples
To display the current FIPS configuration:
switch:admin>
fipscfg --show
FIPS mode is : Disabled
FIPS Selftests mode/status is : Disabled/None
To enable selftests:
switch admin>
fipscfg --enable selftests
You are enabling selftests.
Do you want to continue? (yes, y, no, n) [no] : yes
FIPS Selftests mode/status has been set to : Enabled/None
To verify FIPS prerequisites:
switch:admin>fipscfg --
verify fips
Standby firmware supports FIPS
SELF tests check has passed
Root account is enabled.
Radius check has passed
Authentication check has passed
SNMP is in read only mode.
Bootprom access is disabled.
Firmwaredownload signature verification is enabled.
cfgload.secure parameter value is 1.
To attempt enabling FIPS when prerequisites are not met:
switch:admin>
fipscfg --enable fips
SelfTests mode is not enabled.
Root account is enabled.
Authentication uses MD5 hash algorithm.
Authentication uses DH group 0.
Telnet port number <23> for the policy
HTTP port number <80> for the policy
RPC port number <898> for the policy
Telnet port number <23> for the policy
HTTP port number <80> for the policy
RPC port number <898> for the policy
SNMP is not in read only mode.