Brocade Communications Systems 53-1001763-02 사용자 설명서
148
Fabric OS Administrator’s Guide
53-1001763-02
Authentication policy for fabric elements
7
•
FICON channels
•
Configupload and download will not be supported for the following AUTH attributes: auth type,
hash type, group type.
hash type, group type.
Supported HBAs
The following HBAs support authentication:
•
Emulex LP11000 (Tested with Storport Miniport v2.0 windows driver)
•
Qlogic QLA2300 (Tested with Solaris v5.04 driver)
•
Brocade Fibre Channel HBA models 415, 425, 815 and 825
Authentication protocols
Use the authUtil command to perform the following tasks:
•
Display the current authentication parameters.
•
Select the authentication protocol used between switches.
•
Select the DH (Diffie-Hellman) group for a switch.
Run the authUtil command on the switch you want to view or change. Below are the different
options to specify which DH group you want to use.
options to specify which DH group you want to use.
•
00 – DH Null option
•
01 – 1024 bit key
•
02 – 1280 bit key
•
03 - 1536 bit key
•
04 – 2048 bit key
Viewing the current authentication parameter settings for a switch
1. Log in to the switch using an account assigned to the admin role.
2. Enter the authUtil
--
show.
Example of output from the authUtil --show command
AUTH TYPE HASH TYPE
GROUP TYPE
--------------------------------------
fcap,dhchap sha1,md5 0, 1, 2, 3, 4
fcap,dhchap sha1,md5 0, 1, 2, 3, 4
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
Device Authentication Policy: OFF
Setting the authentication protocol
1. Log in to the switch using an account assigned to the admin role.
2. Enter the authUtil
--
set -a command specifying fcap, dhchap, or all.
Example of setting the DH-CHAP authentication protocol
switch:admin> authutil --set -a dhchap
Authentication is set to dhchap.
Authentication is set to dhchap.