Host security authentication

3

3.Configure the following parameters on the Port Security Authentication tab:

a.Select the Enable Authentication check box to enable or disable the authentication policy.

If authentication is enabled, the port attempts to negotiate with the switch. If the switch does not participate in the authentication process, the port skips the authentication process.

b.Type and retype the secret.

The maximum length of the secret is 63 bytes. The default secret for each interface is its port world wide name (PWWN) without the colons; for example, 0102030405060708. Select the algorithm type from the list:

MD5 - A hashing algorithm that verifies a message’s integrity using Message Digest version 5.

SHA1 - A secure hashing algorithm that computes a 160-bit message digest for a data file that is provided as input.

MD5SH1 - Similar to the MD5 hashing algorithm, but used for DH-CHAP authentication.

SHA1MD5 - Similar to the SHA1 hashing algorithm, but used for DH-CHAP authentication.

c.Select DHNULL as the group value (this is the only group that is supported).

4.Click Apply to apply the changes.

5.Click OK to save the changes and close the dialog box.

Configuring security authentication using the BCU

Enter the following commands to display or configure security authentication for the ports:

bcu auth --algo<port_id> <mdsha1mssm>

bcu auth --policy<port_id> {onoff}

bcu auth --secret<port_id> “secret_string

bcu auth --show<port_id>

bcu auth --stats<port_id>

bcu auth --statsclr<port_id>

Refer to “auth” on page 128 for details about these commands.

Brocade Adapters Administrator’s Guide

19

53-1001583-01

 

Page 33
Image 33
Brocade Communications Systems 804 Configuring security authentication using the BCU, Bcu auth --algoportid mdsha1mssm