beautypg.com

Authutil – Dell POWEREDGE M1000E User Manual

Page 86

background image

54

Fabric OS Command Reference

53-1001764-02

authUtil

2

authUtil

Displays and sets the authentication configuration.

Synopsis

authutil

authutil --show

authutil --set option value

authutil --policy -sw option | -dev option

authutil --authinit [slot/]port[, [slot/]port...] | allE

Description

Use this command to display and set local switch authentication parameters.

Use --set to change authentication parameters such as protocol, Diffie-Hellman group (DH group),
or hash type. When no protocol is set, the default setting of “FCAP, DH- CHAP” is used. When no
group is set, the default setting of “*” (meaning “0,1,2,3,4”) is used. Configuration settings are
saved persistently across reboots. Configuration changes take effect during the next authentication
request.

Use --show to display the current authentication configuration. Use portShow to display the
authentication type and associated parameters, if applicable, used on the port.

Authentication parameters are set on a per-switch basis. If Virtual Fabrics are enabled, all
authentication parameters apply to the current logical switch context only, and must be configured
separately for each logical switch. Use setContext to change the current logical switch context.

In a VF environment, authentication is performed only on physical E_Ports, not on logical
interswitch links (LISLs).

Note

The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may
be in place. Refer to chapter 1, "Using Fabric OS commands" and Appendix A, "Command
Availability"
for details.

Operands

When invoked without operands, this command displays the usage. The following operands are
supported:

--

show

Displays local authentication configuration.

--

set value

Modifies the authentication configuration. Valid options and their values are:

-a fcap |dhchap | all

Sets the authentication protocol. Specify “fcap” to set only FCAP
authentication, “dhchap” to set only DH-CHAP authentication. Specify “all” to
set both FCAP and DH-CHAP, which is the default setting. When
authentication is set to “all”, the implicit order is FCAP followed by DH-CHAP.
This means that in authentication negotiation, FCAP is given priority over
DH-CHAP on the local switch.

-g 0|1|2|3|4|*

Sets the Diffie-Hellman (DH) group. Valid values are 0 to 4 and “*”. The DH
group 0 is called NULL DH. Each DH group implicitly specifies a key size and
associated parameters. Higher group value provides stronger cryptography