Fabric OS Command Reference 145
53-1001764-02
cryptoCfg
2
Function 1. Node configuration
Synopsis cryptocfg --help -nodecfg
cryptocfg --initnode
cryptocfg --initEE [slot]
cryptocfg --regEE [slot]
cryptocfg --enableEE [slot]
cryptocfg --disableEE [slot]
cryptocfg --export -scp -dhchallenge vault_IP_address | -currentMK | -KACcert |-KACcsr| -CPcert]
host_IP host_username host_file_path
cryptocfg --export -usb -dhchallenge vault_IP_address | -currentMK | -KACcert | -KACcsr |-CPcert
dest_filename
cryptocfg --import -scp local_name host_IP host_username host_file_path
cryptocfg --import -usb dest_filename source_filename
cryptocfg --reg -membernode member_node_WWN member_node_certfile
Member_node_IP_addr
cryptocfg --dereg -membernode member_node_WWN
cryptocfg --dhchallenge vault_IP_addr
cryptocfg --dhresponse vault_IP_addr
cryptocfg --zeroizeEE [slot]
cryptocfg --delete -file local_name
cryptocfg --reg -KAClogin primary | secondary
cryptocfg --show -file -all
cryptocfg --show -localEE
cryptocfg --rebalance [slot]
Description Use the node configuration commands to perform node initialization and configuration tasks. Node
initialization and configuration must be performed on every node. A node is an encryption switch or
a chassis containing one or more encryption blades. A node is identified by the switch IP address or
switch WWN, which is subsequently referred to as the "node WWN." The node configuration
commands include the following functions:
• Node initialization and certificate generation.
• Certificate export and import to and from a specified host or USB device.
• Enabling or disabling an encryption engine (EE).
• Encryption group member node and group leader registration.
• Group-wide policy configuration.
• Zeroization of all critical security parameters on the local encryption switch or blade.
• Certificate display and management.
• Display of the local encryption engine status.
• Rebalancing of disk and tape LUNS for optimized performance.