Dell POWEREDGE M1000E User Manual

56

Fabric OS Command Reference

53-1001764-02

authUtil

2

authinit [slot/]port [, [slot]/port...| allE

Reinitiates authentication on selected ports after changing the DH-CHAP
group, hash type, and shared secret between a pair of switches. This
command does not work on Private, Loop, NPIV and FICON devices. The
command can reinitiate authentication only if the device was previously
authenticated. This command may bring down the E_Ports if the DH-CHAP
shared secrets are not installed correctly. Valid options include:

slot

Specify the slot number, if applicable, followed by a slash (/).

port

Specify the port number. On enterprise-class platforms, use the slot/port
format for specifying the port number.

allE

Specify all E_Ports in the switch.

Examples

To display authentication configuration on the switch:

switch:admin>

authutil --show

AUTH TYPE HASH TYPE GROUP TYPE

--------------------------------------

fcap,dhchap sha1,md5 0,1,2,3,4

Switch Authentication Policy: PASSIVE

Device Authentication Policy: OFF

To set DH-CHAP as the authentication protocol:

switch:admin>

authutil --set -a dhchap

Authentication is set to dhchap.

To set both protocols in order of FCAP and then DH-CHAP:

switch:admin>

authutil --set -a all

Authentication is set to fcap,dhchap.

To set DH group 3:

switch:admin>

authutil --set -g 3

DH Group was set to 3.

To set all DH groups to be specified in the authentication negotiation in the order of 0, 1, 2, 3, and
4:

switch:admin>

authutil --set -g "*"

DH Group is set to 0,1,2,3,4

To set the Switch policy to active mode:

switch:admin>

authutil --policy -sw active

Warning: Activating the authentication policy requires

either DH-CHAP secrets or PKI certificates depending

on the protocol selected. Otherwise, ISLs will be

segmented during next E-port bring-up.

ARE YOU SURE (yes, y, no, n): [no]

y

Auth Policy is set to ACTIVE