Fabric OS procedures user guide
132
Fabric OS 3.x Document Addendum
Note:
To maintain a secure network, avoid using telnet or any other unprotected application when
you are working on the switch. For example, if you use telnet to connect to a machine and then start
an SSH or secure telnet session from that machine to the switch, the communication to the switch is
in clear text, and therefore is not secure.
The FTP protocol is also not secure. When you use FTP to copy files to or from the switch, the
contents are in clear text. This includes the remote FTP server's login and password. This limitation
affects the following commands:
savecore
,
configupload
,
configdownload
, and
firmwaredownload
.
Commands that require a secure login channel must be issued from an original SSH session. If
you start an SSH session and subsequently use the
login
command to start a nested SSH
session, commands that require a secure channel are rejected.
Fabric OS v3.2.x and later supports SSH protocol v2.0 (ssh2). For more information on SSH,
see the SSH IETF web site:
http://www.ietf.org/ids.by.wg/secsh.html .
Fabric OS v3.2.x comes with the SSH server preinstalled; however, you must select and install
the SSH client. For information on installing and configuring the F-Secure SSH client, see the
web site:
http://www.f-secure.com .
Accessing Switches and Fabrics
You can disable HTTP, SNMP, and RPC access to Fabric OS switches using the
configure
command. Disabling these access points helps make a fabric more secure.
Following is sample output from the
configure
command:
switch:admin>
configure
Configure...
Fabric parameters (yes, y, no, n): [no]
Virtual Channel parameters (yes, y, no, n): [no]
Zoning Operation parameters (yes, y, no, n): [no]
RSCN Transmission Mode (yes, y, no, n): [no]
Arbitrated Loop parameters (yes, y, no, n): [no]
System services (yes, y, no, n): [no]
rstatd (on, off):
[
off]
rusersd (on, off): [off]
rapid (on, off): [on]
thad (on, off): [on]
Disable RLS probing (on, off): [on]
Portlog events enable (yes, y, no, n): [no]
Configure Application Attributes:
http:
HTTP Enabled (yes, y, no, n): [yes]
snmp:
SNMP Enabled (yes, y, no, n): [yes]
rpc:
RPCd Enabled (yes, y, no, n): [yes]
switch:admin> version
Summary of Contents for StorageWorks 2/16 - SAN Switch
Page 8: ...Contents 8 Fabric OS 3 x Document Addendum ...
Page 16: ...Advanced performance monitor user guide 16 Fabric OS 3 x Document Addendum ...
Page 72: ...Advanced Web Tools user guide 72 Fabric OS 3 x Document Addendum ...
Page 130: ...Extended fabric user guide 130 Fabric OS 3 x Document Addendum ...
Page 150: ...Fabric OS procedures user guide 150 Fabric OS 3 x Document Addendum ...
Page 238: ...Fabric OS reference guide 238 Fabric OS 3 x Document Addendum ...