Firmwarekeyupdate – Dell POWEREDGE M1000E User Manual
Page 373
Fabric OS Command Reference
341
53-1001764-02
firmwareKeyUpdate
2
firmwareKeyUpdate
Updates the public key used for signed firmware validation.
Synopsis
firmwarekeyupdate
firmwarekeyupdate [-p ftp|scp] host,user,keyfile,passwd
firmwarekeyupdate -U keyfile
Description
Use this command to update the public key used for firmware signature validation.
The firmware key can be updated over the network, or, if the switch supports this option, from an
attached USB device.
A default firmware key is released as part of the firmware image and is downloaded to the switch
during the firmware download process. The default key is used to download new firmware.
However, the firmware key may be change for future releases, and the default key may not be the
right key for validating the signature of the new firmware. In this case, switch administrators can
use the firmwareKeyUpdate command to update the firmware key first. After the new firmware is
downloaded, the firmware key that is part of the new firmware becomes the default firmware key.
Notes
A firmware key should be installed on every switch as a part of the Fabric OS installation. The
presence of a firmware key does not imply that the firmware signature is checked during
firmwareDownload. Signed Firmware Download must be enabled before the public key can be used
for signature
Use the configure command to enable Signed Firmware Download.
If Signed Firmware Download is enabled, and if the validation succeeds, firmware download
proceeds normally. If the firmware is not signed or if the signature validation fails, signed firmware
download fails.
Refer to the Fabric OS Administrator's Guide for complete details on upgrading or downgrading
firmware.
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may
be in place. Refer to chapter 1, "Using Fabric OS commands" and Appendix A, "Command
Availability" for details.
Operands
The following operands are supported. When invoked without operands, the command goes into
interactive mode, prompting you for input.
-p scp|ftp
Specify the file transfer protocol. Valid values are ftp and scp. Values are not
case-sensitive. If -p is not specified, firmwareKeyUpdate determines the
protocol automatically.
-U
Specify this operand to update the firmware key from a USB device. This
option requires the keyfile operand.
host
Specify a valid FTP or SSH server name or IP address. IPV4 and IPv6
addresses are supported. The firmware key is updated from the specified
host. If a host is not specified, the firmware key is considered accessible on a
local directory. To mention an FTP server by name, a DNS server must first be
set up with the dnsConfig command.