About The Dhchap Hash Algorithm; Configuring The Dhchap Hash Algorithm - HP Cisco MDS 9216 - Fabric Switch Configuration Manual

DHCHAP
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Figure 45-3
Step 3 Set the Mode drop-down menu to the DHCHAP authentication mode you want to configure for that
interface.
Step 4 Click the Apply Changes icon to save these DHCHAP port mode settings.

About the DHCHAP Hash Algorithm

Cisco MDS switches support a default hash algorithm priority list of MD5 followed by SHA-1 for
DHCHAP authentication.
If you change the hash algorithm configuration, then change it globally for all switches in the fabric.
Tip
RADIUS and TACACS+ protocols always use MD5 for CHAP authentication. Using SHA-1 as the hash
Caution
algorithm may prevent RADIUS and TACACS+ usage—even if these AAA protocols are enabled for
DHCHAP authentication.

Configuring the DHCHAP Hash Algorithm

To configure the hash algorithm using Fabric Manager, follow these steps:
Step 1 Choose Switches > Security and then select FC-SP.
Step 2 Click the General/Password tab.
You see the DHCHAP general settings mode for each switch shown in
Figure 45-4
Change the DHCHAP HashList for each switch in the fabric.
Step 3
Click the Apply Changes icocn to save the updated hash algorithm priority list.
Step 4
Cisco MDS 9000 Family CLI Configuration Guide
45-6
FC-SP (DHCHAP) Interface Modes
General/ Password Tab
Chapter 45 Configuring FC-SP and DHCHAP
Figure 45-4.
OL-16184-01, Cisco MDS SAN-OS Release 3.x