Brocade Fabric OS Encryption Administrator's Guide Supporting Fabric OS v6.2.0 (53-1001201-04, May 2009)
Encryption Administrator’s Guide 47
53-1001201-04
Configure Encryption for LKM key vaults
2
FIGURE 30 Read Instructions dialog box
13. Click Finish to exit the Configure Switch Encryption wizard.
Establishing the trusted link
You must generate the trusted link establishment package (TEP) on all nodes to establish a trusted
link between each node and the NetApp LKM appliance.
NOTE
Complete all steps required to establish a trusted link between LKM and the encryption group
members for each node before proceeding to the next node.
1. Open a Telnet window.
2. Log in to the encryption switch with administrator credentials.
3. Issue the DH challenge from the Fabric OS command line.
SecurityAdmin:switch>cryptocfg --dhchallenge 10.33.54.231
4. Launch the DMC and click the View Unapproved Trustees tab.
5. Right-click the node you wish to approve.
6. Provide a label in the dialog box and click Approve to approve the TEPs and generate the
trusted acceptance package (TAP) responses.
7. Insert the recovery card into the card reader, enter a password and click Verify Password.
8. Repeat step 7 with the second card.
9. Click Start. You are prompted to swap cards again. Follow the instructions on the screen.
10. Save the TAP to a file (location does not matter).
11. Issue the DH response on the same node you issued the DH challenge in step 1 to retrieve the
TAP from the NetApp LKM appliance. This step completes the LKM setup for a given node.
SecurityAdmin:switch>cryptocfg --dhresponse 10.33.54.231
12. Repeat the above steps for the each of the remaining member nodes.