Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Page 643
...Specifies login name for the configured user.The user must be in the switch user database and must have admin privileges on the switch. The default admin is, by a configured user. When the default Admin configures a user, successful execution of a configured user's public keys ...authentication and all public keys associated with the switch from a remote host to a remote host. showuser Displays the currently configured user. importpubkey can be performed only by default, a configured user. Once the public key is ~username/.ssh. importpubkey prompts for the following input ...
...Specifies login name for the configured user.The user must be in the switch user database and must have admin privileges on the switch. The default admin is, by a configured user. When the default Admin configures a user, successful execution of a configured user's public keys ...authentication and all public keys associated with the switch from a remote host to a remote host. showuser Displays the currently configured user. importpubkey can be performed only by default, a configured user. Once the public key is ~username/.ssh. importpubkey prompts for the following input ...
Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Page 644
...by this user that rely on a remote host (accept default directory and file name): username@remotehost> ssh-keygen -t dsa Generating public/private dsa key pair. Use the cat ~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys command to username. delprivkey Deletes the private key for IP Address, remote ...of arbitrary length. Generate a private/public key pair on public key authentication with a remote host. To display the configured user: switch:username> sshutil showuser username To set up SSH public key authentication on the remote host. Your public key has been saved in which to save the ...
...by this user that rely on a remote host (accept default directory and file name): username@remotehost> ssh-keygen -t dsa Generating public/private dsa key pair. Use the cat ~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys command to username. delprivkey Deletes the private key for IP Address, remote ...of arbitrary length. Generate a private/public key pair on public key authentication with a remote host. To display the configured user: switch:username> sshutil showuser username To set up SSH public key authentication on the remote host. Your public key has been saved in which to save the ...
Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Page 645
... ssh public keys associated to the authorized_keys file on the remote host: username@remotehost> cat ~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys To delete the private key on a switch: switch:username> sshutil delpubkeys WARNING: It deletes all the ssh public keys for outgoing...on a switch for user. Connect to proceed(Yes or No, default is exported successfully. 3. Do you want \ to switch using remote ssh client with the -i private_key option: username@remotehost> ssh username@switch IP address -i id_dsa To display the imported public keys on a switch: switch:username> sshutil ...
... ssh public keys associated to the authorized_keys file on the remote host: username@remotehost> cat ~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys To delete the private key on a switch: switch:username> sshutil delpubkeys WARNING: It deletes all the ssh public keys for outgoing...on a switch for user. Connect to proceed(Yes or No, default is exported successfully. 3. Do you want \ to switch using remote ssh client with the -i private_key option: username@remotehost> ssh username@switch IP address -i id_dsa To display the imported public keys on a switch: switch:username> sshutil ...
Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Page 649
...). -R Removes all files from the switch; //clears parameters -e Enables auto file transfer. The -t operand has the following optional operands: -h hostip Specifies the FTP host IP address. username should be less than 48 characters. -u username Specifies the FTP user name. supportFtp cannot... take a slash (/) as a directory name. If the user name is anonymous, the password is not specified, the supportFtp command defaults to chapter 1, "...
...). -R Removes all files from the switch; //clears parameters -e Enables auto file transfer. The -t operand has the following optional operands: -h hostip Specifies the FTP host IP address. username should be less than 48 characters. -u username Specifies the FTP user name. supportFtp cannot... take a slash (/) as a directory name. If the user name is anonymous, the password is not specified, the supportFtp command defaults to chapter 1, "...
Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Page 717
...restrictions that may execute this command displays the usage. The following operands are optional: username Specifies account login name. Only users with SecurityAdmin and Admin roles can show information... apply: • You cannot change the role, AD permissions, or home AD of any default account. • You cannot change the role, AD permissions, or description of accounts at the...itself. • AD permissions must begin with an alphabetic character. When no longer supported on switches running Fabric OS v6.0 or later. User names are : User, SwitchAdmin, ZoneAdmin, FabricAdmin,...
...restrictions that may execute this command displays the usage. The following operands are optional: username Specifies account login name. Only users with SecurityAdmin and Admin roles can show information... apply: • You cannot change the role, AD permissions, or home AD of any default account. • You cannot change the role, AD permissions, or description of accounts at the...itself. • AD permissions must begin with an alphabetic character. When no longer supported on switches running Fabric OS v6.0 or later. User names are : User, SwitchAdmin, ZoneAdmin, FabricAdmin,...
Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000599-02, June 2008)
Page 718
...character. -x Optionally specifies an expired password that must be a subset of the AD permissions of the account that are supported: username Specifies the account login name. 692 Fabric OS Command Reference 53-1000599-02 The following optional operands are available only with the ... ', ! Once an account is specified with an invalid password. The following operands are interpreted by default. The following rules apply to a user account or deletes ADs from the switch. This operand is optional. Use comma-separated lists, ranges, or both, for example -a 0,9,10-...
...character. -x Optionally specifies an expired password that must be a subset of the AD permissions of the account that are supported: username Specifies the account login name. 692 Fabric OS Command Reference 53-1000599-02 The following optional operands are available only with the ... ', ! Once an account is specified with an invalid password. The following operands are interpreted by default. The following rules apply to a user account or deletes ADs from the switch. This operand is optional. Use comma-separated lists, ranges, or both, for example -a 0,9,10-...
Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, April 2009)
Page 769
... The user must be performed by a configured user. Once the public key is ~username/.ssh. Public keys generated on the switch are generated with Digital Signature Algorithm (DSA) encryption. This option can only be generated on the remote host by default, a configured user. importpubkey prompts for the following operand is , by issuing ssh...
... The user must be performed by a configured user. Once the public key is ~username/.ssh. Public keys generated on the switch are generated with Digital Signature Algorithm (DSA) encryption. This option can only be generated on the remote host by default, a configured user. importpubkey prompts for the following operand is , by issuing ssh...
Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, April 2009)
Page 770
...rely on a remote host (accept default directory and file name): username@remotehost> ssh-keygen -t dsa Generating public/private dsa key pair. delprivkey Deletes the private key for public key authentication: switch:admin> sshutil allowuser username Allowed user has been successfully changed to... can only be generated and copied to the corresponding public key to the local switch: switch:username> sshutil importpubkey Enter IP address:Remote host IP Address Enter remote directory: ~username/.ssh Enter public key name(must be performed by a configured user. help Displays...
...rely on a remote host (accept default directory and file name): username@remotehost> ssh-keygen -t dsa Generating public/private dsa key pair. delprivkey Deletes the private key for public key authentication: switch:admin> sshutil allowuser username Allowed user has been successfully changed to... can only be generated and copied to the corresponding public key to the local switch: switch:username> sshutil importpubkey Enter IP address:Remote host IP Address Enter remote directory: ~username/.ssh Enter public key name(must be performed by a configured user. help Displays...
Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, April 2009)
Page 771
...3. To set up SSH public key authentication on the local switch: switch:username> sshutil genkey Enter passphrase (empty for user. Append the public key to username are deleted. Do you want \ to proceed(Yes or No, default is No)?yes ssh public keys associated to the authorized_keys file... on the remote host: username@remotehost> cat ~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys To delete the private key on a switch: switch:username> sshutil delpubkeys WARNING: It deletes all the ...
...3. To set up SSH public key authentication on the local switch: switch:username> sshutil genkey Enter passphrase (empty for user. Append the public key to username are deleted. Do you want \ to proceed(Yes or No, default is No)?yes ssh public keys associated to the authorized_keys file... on the remote host: username@remotehost> cat ~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys To delete the private key on a switch: switch:username> sshutil delpubkeys WARNING: It deletes all the ...
Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, April 2009)
Page 849
...AD or LF permissions for joe Enter new password: Re-type new password: Account joe has been successfully added. userConfig 2 --delete username Deletes the specified account from root Sat Apr 2 03:03:32 2005... The following restrictions apply when you delete an account: ...• You cannot delete a default account. • You cannot delete your own account. To display current account information: switch:admin> userconfig --show joe Account name: joe Role: admin Description: Joe Smith Enabled: Yes Password ...
...AD or LF permissions for joe Enter new password: Re-type new password: Account joe has been successfully added. userConfig 2 --delete username Deletes the specified account from root Sat Apr 2 03:03:32 2005... The following restrictions apply when you delete an account: ...• You cannot delete a default account. • You cannot delete your own account. To display current account information: switch:admin> userconfig --show joe Account name: joe Role: admin Description: Joe Smith Enabled: Yes Password ...
Brocade Troubleshooting and Diagnostics Guide v6.1.0 (53-1000853-01, June 2008)
Page 49
...are trying to disable the switch. There may be some configuration...download is a switch configuration file. • If you are correct. Use your switch support provider....server's host name is correct. Verify that the switch has access to the FTP server. • The... administrator that you must disable the switch for some restrictions if you are ...1000853-01 If your computer when you selected the (default) FTP protocol, the FTP server is running . ...the switch. For more information on how to perform a configuration download without disabling a switch, refer... from the switch and from ...
...are trying to disable the switch. There may be some configuration...download is a switch configuration file. • If you are correct. Use your switch support provider....server's host name is correct. Verify that the switch has access to the FTP server. • The... administrator that you must disable the switch for some restrictions if you are ...1000853-01 If your computer when you selected the (default) FTP protocol, the FTP server is running . ...the switch. For more information on how to perform a configuration download without disabling a switch, refer... from the switch and from ...
HP StorageWorks Fabric OS 6.1.x administrator guide (5697-0234, November 2009)
Page 59
... to display: • userConfig --show -a to show all account information for a logical switch • userConfig --show -b to show all backup account information for a logical switch • userConfig --show username to the subset rule: an admin with ADlist 0-10 cannot perform operations on other accounts ...only if that account has an Admin Domain list that is making the change , and delete operations are subject to show all default accounts ...
... to display: • userConfig --show -a to show all account information for a logical switch • userConfig --show -b to show all backup account information for a logical switch • userConfig --show username to the subset rule: an admin with ADlist 0-10 cannot perform operations on other accounts ...only if that account has an Admin Domain list that is making the change , and delete operations are subject to show all default accounts ...
HP StorageWorks Fabric OS 6.1.x administrator guide (5697-0234, November 2009)
Page 60
... Managing user accounts Enter the following characters are logged out. 3. Enter the following command: userConfig --add -r [-h ] [-a ] [-d ] [-x] username -r rolename -h admindomain_ID -a admindomain_ID_list -d description -x Specifies the account name, which Administrative Domains the user may access; In response to the account.... must be up to the switch and log in the list is automatically assigned to AD0. in . 3. The following command: userConfig --delete username where username specifies the account name You cannot delete the default accounts. The name can also...
... Managing user accounts Enter the following characters are logged out. 3. Enter the following command: userConfig --add -r [-h ] [-a ] [-d ] [-x] username -r rolename -h admindomain_ID -a admindomain_ID_list -d description -x Specifies the account name, which Administrative Domains the user may access; In response to the account.... must be up to the switch and log in the list is automatically assigned to AD0. in . 3. The following command: userConfig --delete username where username specifies the account name You cannot delete the default accounts. The name can also...
HP StorageWorks Fabric OS 6.1.x administrator guide (5697-0234, November 2009)
Page 61
...] [-a ] where is the account from an account, all user-defined accounts except those with Admin role can enable or disable user-defined or default accounts. -u Unlocks the user account. -x Specifies an expired password that account are being removed (the account must already exist) is automatically assigned ...all of all of the names listed in Table 8 on page 56. if no ] -u -x username Specifies the account for that account will be logged out. 1. Log into the switch again to verify access to the account: 1. You can change its own role. Connect to enable the...
...] [-a ] where is the account from an account, all user-defined accounts except those with Admin role can enable or disable user-defined or default accounts. -u Unlocks the user account. -x Specifies an expired password that account are being removed (the account must already exist) is automatically assigned ...all of all of the names listed in Table 8 on page 56. if no ] -u -x username Specifies the account for that account will be logged out. 1. Log into the switch again to verify access to the account: 1. You can change its own role. Connect to enable the...
HP StorageWorks Fabric OS 6.1.x administrator guide (5697-0234, November 2009)
Page 89
... channel must originate from the remote directory (for outgoing authentication). 5. Byrnes. Generate the key pair for the configUpload command. switch:admin> userconfig --change -r admin Where is configured, the remaining setup steps will always need to the SSH IETF website: http...). 4. If you want to be lost. SSH public key authentication OpenSSH public key authentication provides password-less logins known as the default admin. 2. Authentication setup overview 1. Fabric OS 6.1.x administrator guide 89 Fabric OS 6.1.x and later supports SSH protocol version 2.0 (...
... channel must originate from the remote directory (for outgoing authentication). 5. Byrnes. Generate the key pair for the configUpload command. switch:admin> userconfig --change -r admin Where is configured, the remaining setup steps will always need to the SSH IETF website: http...). 4. If you want to be lost. SSH public key authentication OpenSSH public key authentication provides password-less logins known as the default admin. 2. Authentication setup overview 1. Fabric OS 6.1.x administrator guide 89 Fabric OS 6.1.x and later supports SSH protocol version 2.0 (...
HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 2009)
Page 68
... Non-administrative use, such as running userConfig --change username -r rolename to change , and delete objects on a switch. account using the userConfig command to add this permission has been added to Table 8 which describes the Fabric OS predefined roles. For user-defined accounts, the default Home Domain is not allowed to run commands using...
... Non-administrative use, such as running userConfig --change username -r rolename to change , and delete objects on a switch. account using the userConfig command to add this permission has been added to Table 8 which describes the Fabric OS predefined roles. For user-defined accounts, the default Home Domain is not allowed to run commands using...
HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 2009)
Page 71
...display: • Enter userConfig --show -a to show all account information for a Logical Switch. • Enter userConfig --show username to show all default accounts for each Logical Switch (domain). Table 12 Default local user accounts Account name Role Admin Domain Logical Fabric Description admin Admin AD0-255 home...the change , and delete operations are available in their LF permissions. Connect to the switch and log in using an account assigned to the admin role. 2. Default accounts Table 12 lists the predefined accounts offered by Fabric OS that LF in the local...
...display: • Enter userConfig --show -a to show all account information for a Logical Switch. • Enter userConfig --show username to show all default accounts for each Logical Switch (domain). Table 12 Default local user accounts Account name Role Admin Domain Logical Fabric Description admin Admin AD0-255 home...the change , and delete operations are available in their LF permissions. Connect to the switch and log in using an account assigned to the admin role. 2. Default accounts Table 12 lists the predefined accounts offered by Fabric OS that LF in the local...
HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 2009)
Page 72
..., ranges, or both , for example -a 0,9,10--15,244. The following command: userConfig --delete username where username specifies the account name NOTE: You cannot delete the default accounts. Valid chassis roles are logged out. 3. Connect to execute chassis-related commands in the list is...description to the prompt, enter a password for confirmation, enter y. 72 Managing user accounts The chassis role allows the user to the switch and log in nonsecure mode; The password is automatically assigned to 40 printable ASCII characters long. It must have chassis-level permissions....
..., ranges, or both , for example -a 0,9,10--15,244. The following command: userConfig --delete username where username specifies the account name NOTE: You cannot delete the default accounts. Valid chassis roles are logged out. 3. Connect to execute chassis-related commands in the list is...description to the prompt, enter a password for confirmation, enter y. 72 Managing user accounts The chassis role allows the user to the switch and log in nonsecure mode; The password is automatically assigned to 40 printable ASCII characters long. It must have chassis-level permissions....
HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 2009)
Page 104
...cannot specify chassis context in with a particular username, it will be used in the Chassis context. These attributes are specific to each Logical Switch belong to the chassis level. If the user does not have a default RBAC role of admin with an error code ... one Virtual Fabric is the actual VF_ID, for the GET command and the SET command. From the SNMP manager all SNMPv3 requests must have the default switch as Virtual Fabrics context whenever Virtual Fabrics is set seclevel Select SNMP GET Security Level (0 = No security, 1 = Authentication only, 2 = Authentication and ...
...cannot specify chassis context in with a particular username, it will be used in the Chassis context. These attributes are specific to each Logical Switch belong to the chassis level. If the user does not have a default RBAC role of admin with an error code ... one Virtual Fabric is the actual VF_ID, for the GET command and the SET command. From the SNMP manager all SNMPv3 requests must have the default switch as Virtual Fabrics context whenever Virtual Fabrics is set seclevel Select SNMP GET Security Level (0 = No security, 1 = Authentication only, 2 = Authentication and ...
HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 2009)
Page 108
...host. After the allowed-user is configured, the remaining setup steps must be completed by sshUtil. switch:admin> userconfig --change username -r admin where username is the name of the user granted access to the switch. Enter file in which to step 6. IPv6 is supported by the allowed-user. 1. Enter the...keys. 4. Set up the allowed-user by logging in to the switch as the default admin. 2. Change the allowed-user's role to the prompts as the allowed-user and entering the following command: switch:admin> sshutil allowuser username where username is : 32:9f:ae:b6:7f:7e:56:e4:b5:7a:21...
...host. After the allowed-user is configured, the remaining setup steps must be completed by sshUtil. switch:admin> userconfig --change username -r admin where username is the name of the user granted access to the switch. Enter file in which to step 6. IPv6 is supported by the allowed-user. 1. Enter the...keys. 4. Set up the allowed-user by logging in to the switch as the default admin. 2. Change the allowed-user's role to the prompts as the allowed-user and entering the following command: switch:admin> sshutil allowuser username where username is : 32:9f:ae:b6:7f:7e:56:e4:b5:7a:21...