Re-Exporting A Master Key - Brocade Communications Systems StoreFabric SN6500B Administrator's Manual

Brocade Fabric OS Encryption Administrator's Guide v7.1.0 (53-1002721-01, March 2013)

Policy Configuration Examples

The following examples illustrate the setting of group-wide policy parameters.

To set the failback mode to manual failback:

SecurityAdmin:switch> cryptocfg --set -failbackmode manual
Set failback policy status: Operation Succeeded.

To set the Heartbeat misses value to 3:

SecurityAdmin:switch> cryptocfg --set -hbmisses 3
Set heartbeat miss status: Operation Succeeded.

To set the Heartbeat timeout value to 3 seconds:

SecurityAdmin:switch> cryptocfg --set -hbtimeout 3
Set heartbeat timeout status: Operation Succeeded.

Re-exporting a master key

With the introduction of Fabric OS v7.0.0, you can export master keys to the key vault multiple times instead of only once. The ability to export the master key more than once enables you to recover the master key when needed. For example, prior to Fabric OS 7.0.0, if you forgot your passphrase that was used to export the master key, you were not able to recover the master key from the key vault. The ability to re-export the master key in this scenario alleviates this concern.

When the master key is exported to the key vault for the first time, it is stored with the actual master key ID. Subsequent exports are provided with additional exported key IDs that are generated by the Brocade Encryption Switch. Each additional time the master key is exported to the key vault, a different key ID is saved.

The master key can be recovered from any export using the exported master key ID and the corresponding passphrase.

Note the following:

- The --show -localEE command shows the actual master key IDs, along with the new master key IDs. Also shown are all exported master key IDs associated with a given (actual) master key.
- If you are upgrading to Fabric OS v7.1.0 from an earlier version (for example, Fabric OS v6.4.x), you can recover the master key with the master key ID. Additional exports of the master key are allowed with the exported master key IDs.
- If you are downgrading from Fabric OS v7.1.0 to an earlier version (for example, Fabric OS v7.0.x), you can recover the master key using the master key ID that is exported in Fabric OS v7.1.0 and its corresponding passphrase. Downgrading to earlier versions allows the master key to be recoverable with only the master key ID.

NOTE
You will need to remember the exported master key ID and passphrase you used while exporting the master key ID.

A new subcommand is available to support exporting master key IDs for a given master key.

SecurityAdmin:switch> cryptocfg --show -mkexported_keyids <MK ID>

Fabric OS Encryption Administrator's Guide (SKM/ESKM), 53-1002721-01
