Authentication protocols, Supported hbas, Setting the authentication protocol – Dell POWEREDGE M1000E User Manual

148

Fabric OS Administrator’s Guide

53-1001763-02

Authentication policy for fabric elements

7

•

FICON channels

•

Configupload and download will not be supported for the following AUTH attributes: auth type,
hash type, group type.

Supported HBAs

The following HBAs support authentication:

•

Emulex LP11000 (Tested with Storport Miniport v2.0 windows driver)

•

Qlogic QLA2300 (Tested with Solaris v5.04 driver)

•

Brocade Fibre Channel HBA models 415, 425, 815 and 825

Authentication protocols

Use the authUtil command to perform the following tasks:

•

Display the current authentication parameters.

•

Select the authentication protocol used between switches.

•

Select the DH (Diffie-Hellman) group for a switch.

Run the authUtil command on the switch you want to view or change. Below are the different
options to specify which DH group you want to use.

•

00 – DH Null option

•

01 – 1024 bit key

•

02 – 1280 bit key

•

03 - 1536 bit key

•

04 – 2048 bit key

Viewing the current authentication parameter settings for a switch

1. Log in to the switch using an account assigned to the admin role.

2. Enter the authUtil

--

show.

Example of output from the authUtil --show command

AUTH TYPE HASH TYPE

GROUP TYPE

--------------------------------------
fcap,dhchap sha1,md5 0, 1, 2, 3, 4

Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF

Setting the authentication protocol

1. Log in to the switch using an account assigned to the admin role.

2. Enter the authUtil

--

set -a command specifying fcap, dhchap, or all.

Example of setting the DH-CHAP authentication protocol

switch:admin> authutil --set -a dhchap
Authentication is set to dhchap.