Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Table Of Contents
- Contents
- About This Document
- Using Fabric OS Commands
- Fabric OS Commands
- aaaConfig
- ad
- ag
- agshow
- aliAdd
- aliCreate
- aliDelete
- aliRemove
- aliShow
- aptPolicy
- auditCfg
- authUtil
- bannerSet
- bannerShow
- bcastShow
- bladeBeacon
- bladeDisable
- bladeEnable
- burninErrClear
- burninErrShow
- burninLevel
- burninStatus
- cfgActvShow
- cfgAdd
- cfgClear
- cfgCreate
- cfgDelete
- cfgDisable
- cfgEnable
- cfgMcdtmode
- cfgRemove
- cfgSave
- cfgSaveActiveToDefined
- cfgShow
- cfgSize
- cfgTransAbort
- cfgTransShow
- chassisConfig
- chassisName
- chassisShow
- cliHistory
- configDefault
- configDownload
- configList
- configRemove
- configShow
- configUpload
- configure
- dataTypeShow
- date
- dbgShow
- defZone
- diagClearError
- diagDisablePost
- diagEnablePost
- diagHelp
- diagPost
- diagRetry
- diagSetBurnin
- diagSetCycle
- diagShow
- diagSkipTests
- diagStopBurnin
- dbgShow
- distribute
- dlsReset
- dlsSet
- dlsShow
- dnsConfig
- enclosureShow
- errClear
- errDelimiterSet
- errDump
- errFilterSet
- errModuleShow
- errShow
- exit
- fabPortShow
- fabRetryShow
- fabricLog
- fabricPrincipal
- fabricShow
- fabStatsShow
- fabSwitchShow
- fanDisable
- fanEnable
- fanShow
- fastboot
- fastwritecfg
- fcipChipTest
- fcipHelp
- fcipPathTest
- fcLunQuery
- fcPing
- fcpLogClear
- fcpLogDisable
- fcpLogEnable
- fcpLogShow
- fcpProbeShow
- fcpRlsShow
- fcrBcastConfig
- fcrChipTest
- fcrConfigure
- fcrFabricShow
- fcrLsanCount
- fcrLsanMatrix
- fcrPathTest
- fcrPhyDevShow
- fcrProxyConfig
- fcrProxyDevShow
- fcrResourceShow
- fcrRouterPortCost
- fcrRouteShow
- fcrXlateConfig
- fddCfg
- fdmiCacheShow
- fdmiShow
- ficonClear
- ficonCupSet
- ficonCupShow
- ficonHelp
- ficonShow
- fipsCfg
- firmwareCommit
- firmwareDownload
- firmwareDownloadStatus
- firmwareKeyShow
- firmwareKeyUpdate
- firmwareRestore
- firmwareShow
- fosConfig
- fruReplace
- fspfShow
- fwAlarmsFilterSet
- fwAlarmsFilterShow
- fwClassInit
- fwConfigReload
- fwConfigure
- fwFruCfg
- fwHelp
- fwMailCfg
- fwPortDetailShow
- fwSamShow
- fwSet
- fwSetToCustom
- fwSetToDefault
- fwShow
- h
- haDisable
- haDump
- haEnable
- haFailover
- haShow
- haSyncStart
- haSyncStop
- help
- historyLastShow
- historyMode
- historyShow
- httpCfgShow
- i
- iclCfg
- ifModeSet
- ifModeShow
- interfaceShow
- interopMode
- iodDelayReset
- iodDelaySet
- iodDelayShow
- iodReset
- iodSet
- iodShow
- ipAddrSet
- ipAddrShow
- ipfilter
- iscsiCfg
- iscsiChipTest
- iscsiHelp
- iscsiPathTest
- iscsiPortCfg
- iscsiSessionCfg
- iscsiSwCfg
- islShow
- isnscCfg
- itemList
- killTelnet
- ldapCfg
- licenseAdd
- licenseHelp
- licenseIdShow
- licensePort
- licenseRemove
- licenseShow
- linkCost
- login
- logout
- lsanZoneShow
- lsDbShow
- memShow
- miniCycle
- msCapabilityShow
- msConfigure
- msPlatShow
- msPlatShowDBCB
- msPlClearDB
- msPlMgmtActivate
- msPlMgmtDeactivate
- msTdDisable
- msTdEnable
- msTdReadConfig
- myId
- nbrStateShow
- nbrStatsClear
- nodeFind
- nsAliasShow
- nsAllShow
- nsCamShow
- nsShow
- nsZoneMember
- passwd
- passwdCfg
- pathInfo
- pdShow
- perfAddEEMonitor
- perfAddIPMonitor
- perfAddReadMonitor
- perfAddRWMonitor
- perfAddSCSIMonitor
- perfAddUserMonitor
- perfAddWriteMonitor
- perfCfgClear
- perfCfgRestore
- perfCfgSave
- perfClearAlpaCrc
- perfDelEEMonitor
- perfDelFilterMonitor
- perfHelp
- perfMonitorClear
- perfMonitorShow
- perfSetPortEEMask
- perfShowAlpaCrc
- perfShowPortEEMask
- perfTTmon
- pkiCreate
- pkiRemove
- pkiShow
- policy
- portAlpaShow
- portBufferShow
- portCamShow
- portCfg
- portCfgAlpa
- portCfgCreditRecovery
- portCfgDefault
- portCfgEPort
- portCfgEXPort
- portCfgGPort
- portCfgISLMode
- portCfgLongDistance
- portCfgLPort
- portCfgNPIVPort
- portCfgNPort
- portCfgPersistentDisable
- portCfgPersistentEnable
- PortCfgQos
- portCfgShow
- portCfgSpeed
- portCfgTrunkPort
- portCfgVEXPort
- portCmd
- portDebug
- portDisable
- portEnable
- portErrShow
- portFlagsShow
- portLedTest
- portLogClear
- portLogConfigShow
- portLogDisable
- portLogDump
- portLogDumpPort
- portLogEnable
- portLogEventShow
- portLoginShow
- portLogPdisc
- portLogReset
- portLogResize
- portLogShow
- portLogShowPort
- portLogTypeDisable
- portLogTypeEnable
- portLoopbackTest
- portMirror
- portName
- portPerfShow
- portRouteShow
- portShow
- portStats64Show
- portStatsClear
- portStatsShow
- portSwap
- portSwapDisable
- portSwapEnable
- portSwapShow
- portTest
- portTestShow
- portTrunkArea
- portZoneShow
- powerOffListSet
- powerOffListShow
- psShow
- reboot
- routeHelp
- secActiveSize
- secAuthSecret
- secCertUtil
- secDefineSize
- secGlobalShow
- secHelp
- secPolicyAbort
- secPolicyActivate
- secPolicyAdd
- secPolicyCreate
- secPolicyDelete
- secPolicyDump
- secPolicyFCSMove
- secPolicyRemove
- secPolicySave
- secPolicyShow
- secStatsReset
- secStatsShow
- sensorShow
- setDbg
- setModem
- setVerbose
- sfpShow
- shellFlowControlDisable
- shellFlowControlEnable
- slotPowerOff
- slotPowerOn
- slotShow
- snmpConfig
- spinFab
- sshUtil
- statsClear
- stopPortTest
- supportFfdc
- supportFtp
- supportSave
- supportShow
- supportShowCfgDisable
- supportShowCfgEnable
- supportShowCfgShow
- switchBeacon
- switchCfgPersistentDisable
- switchCfgPersistentEnable
- switchCfgSpeed
- switchCfgTrunk
- switchDisable
- switchEnable
- switchName
- switchShow
- switchStatusPolicySet
- switchStatusPolicyShow
- switchStatusShow
- switchUptime
- switchViolation
- syslogdFacility
- syslogdIpAdd
- syslogdIpRemove
- syslogdIpShow
- sysShutDown
- systemVerification
- tempShow
- timeOut
- topologyShow
- traceDump
- trackChangesHelp
- trackChangesSet
- trackChangesShow
- trunkDebug
- trunkShow
- tsClockServer
- tsTimeZone
- turboRamTest
- upTime
- uRouteConfig
- uRouteRemove
- uRouteShow
- usbStorage
- userConfig
- userRename
- version
- wwn
- zone
- zoneAdd
- zoneCreate
- zoneDelete
- zoneHelp
- zoneObjectCopy
- zoneObjectExpunge
- zoneObjectRename
- zoneRemove
- zoneShow
- Primary FCS commands
- Control Processor Commands
- Command availability
- Index
618 Fabric OS Command Reference
53-1000599-02
sshUtil
2
genkey prompts for user input on the following parameters:
passphrase
Accepts a string of arbitrary length. This operand is optional, but creating a
pass-phrase is strongly recommended. Good pass phrases are 10-30
characters long, are not simple sentences or otherwise easily guessable and
contain a mix of upper and lowercase letters, numbers, and
non-alphanumeric characters. There is no way to recover a lost pass phrase.
If the pass phrase is lost or forgotten, a new key must be generated and
copied to the corresponding public key to other machines.
exportpubkey Exports the public key from the switch to a specified remote host to support
outgoing connections from the switch to a remote host. This option can only
be performed by a configured user. The successfully exported public key must
be appended to the authorized_keys file on the remote host. Use the cat
~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys command to append the
file.
exportpubkey prompts for IP Address, remote directory, login name and
password. Refer to importpubkey for a description of these parameters.
delprivkey Deletes the private key for outgoing connection from the switch. This option
can only be performed by a configured user. Deletion of a configured user's
private keys effectively blocks outgoing connections initiated by this user that
rely on public key authentication with a remote host.
help Displays command usage.
Examples To configure a user for public key authentication:
switch:admin>
sshutil allowuser username
Allowed user has been successfully changed to username.
To display the configured user:
switch:username> sshutil showuser
username
To set up SSH public key authentication on a switch for incoming connections:
1. Generate a private/public key pair on a remote host (accept default directory and file name):
username@remotehost> ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/users/home/username/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):passphrase
Enter same passphrase again: passphrase
Your identification has been saved in /users/home/username/.ssh/id_dsa.
Your public key has been saved in /users/home/username/.ssh/id_dsa.pub.
The key fingerprint is:
3 0:9f:ae:b6:7f:7e:55:e4:b2:7a:51:f0:95:44:5c:d1 username@host
2. Import the public key from the remote host to the local switch:
switch:username> sshutil importpubkey
Enter IP address:Remote host IP Address
Enter remote directory: ~username/.ssh
Enter public key name(must have .pub suffix):id_dsa.pub
Enter login name:username