Authutil – Dell POWEREDGE M1000E User Manual
Page 86
54
Fabric OS Command Reference
53-1001764-02
authUtil
2
authUtil
Displays and sets the authentication configuration.
Synopsis
authutil
authutil --show
authutil --set option value
authutil --policy -sw option | -dev option
authutil --authinit [slot/]port[, [slot/]port...] | allE
Description
Use this command to display and set local switch authentication parameters.
Use --set to change authentication parameters such as protocol, Diffie-Hellman group (DH group),
or hash type. When no protocol is set, the default setting of “FCAP, DH- CHAP” is used. When no
group is set, the default setting of “*” (meaning “0,1,2,3,4”) is used. Configuration settings are
saved persistently across reboots. Configuration changes take effect during the next authentication
request.
Use --show to display the current authentication configuration. Use portShow to display the
authentication type and associated parameters, if applicable, used on the port.
Authentication parameters are set on a per-switch basis. If Virtual Fabrics are enabled, all
authentication parameters apply to the current logical switch context only, and must be configured
separately for each logical switch. Use setContext to change the current logical switch context.
In a VF environment, authentication is performed only on physical E_Ports, not on logical
interswitch links (LISLs).
Note
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may
be in place. Refer to chapter 1, "Using Fabric OS commands" and Appendix A, "Command
Availability" for details.
Operands
When invoked without operands, this command displays the usage. The following operands are
supported:
--
show
Displays local authentication configuration.
--
set value
Modifies the authentication configuration. Valid options and their values are:
-a fcap |dhchap | all
Sets the authentication protocol. Specify “fcap” to set only FCAP
authentication, “dhchap” to set only DH-CHAP authentication. Specify “all” to
set both FCAP and DH-CHAP, which is the default setting. When
authentication is set to “all”, the implicit order is FCAP followed by DH-CHAP.
This means that in authentication negotiation, FCAP is given priority over
DH-CHAP on the local switch.
-g 0|1|2|3|4|*
Sets the Diffie-Hellman (DH) group. Valid values are 0 to 4 and “*”. The DH
group 0 is called NULL DH. Each DH group implicitly specifies a key size and
associated parameters. Higher group value provides stronger cryptography