What can I help you with?

NVIDIA NVOS User Manual for InfiniBand Switches v25.02.2002

NVIDIA Docs Hub NVIDIA Networking Networking Software Switch Software NVIDIA NVOS User Manual for InfiniBand Switches v25.02.2002 Security Commands

On This Page

nv show system security tpm oiak
nv action import system security tpm oiak
nv action delete system security tpm oiak
nv action change system security sed-password
nv show system security password-hardening
nv set system security password-hardening state
nv set system security password-hardening digits-class
nv set system security password-hardening expiration
nv set system security password-hardening expiration-warning
nv set system security password-hardening history-cnt
nv set system security password-hardening len-min
nv set system security password-hardening lower-class
nv set system security password-hardening reject-user-passw-match
nv set system security password-hardening special-class
nv set system security password-hardening upper-class

Security Commands

nv show system security tpm oiak

	nv show sys security tpm oiak Display owner IAK certificate.
Syntax Description	N/A
Default	N/A
History	25.02.2002
Example	Copy Copied! `admin@nvos:~$ nv show sys security tpm oiak operational ----- ----------- plain Certificate: Data: Version: 3 (0x2) … …`
REST API	GET https://<ip>/nvue_v1/system/security/tpm/oiak
Related commands	nv action import system security tpm oiak
Notes

nv action import system security tpm oiak

	nv action import system security tpm oiak Import system security TPM owner IAK.
Syntax Description	remote-url	A local/remote URI from where the certificate file (containing the public-key) can be retrievied.
Syntax Description	data	The raw data bytes (e.g., PEM string) of the certificate.
Default	N/A
History	25.02.2002
Example	Copy Copied! `admin@nvos:~$ nv action import system security tpm oiak remote-url scp://u:p@s/oIAK.crt`
REST API	POST https://<ip>/nvue_v1/system/security/tpm/oiak
Related Commands	nv action delete system security tpm oiak nv show sys security tpm oiak
Notes

nv action delete system security tpm oiak

	nv action delete system security tpm oiak Delete system security TPM owner IAK.
Syntax Description	N/A
Default	N/A
History	25.02.2002
Example	nv action delete system security tpm oiak
REST API	DELETE https://<ip>/nvue_v1/system/security/tpm/oiak
Related Commands	nv action import system security tpm oiak
Notes

nv action change system security sed-password

	nv action change system security [sed-password] Change the SED password by setting a new password chosen by the user.
Syntax Description	sed-password	Minimum password length 8 charachters Maximum password range: 250 charachters
Default	NA
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv action change system security sed-password 12345678`
REST API	POST https://<ip>/nvue_v1/system/security
Related Commands
Notes	The password can be up to 250 characters but it is hashed down to 32 bytes to conform to the size required by the drive.

nv show system security password-hardening

	nv show system security password-hardening Displays the password hardening rules applied on top of the switch
Syntax Description	nv set system security password-hardening
Default	The example contains the default values of the feature
History	25.02.2xxx
Example	Copy Copied! admin@nvos:~$ nv show system security password-hardening operational applied pending ----------------------- ----------- ------- ------- state enabled enabled enabled reject-user-passw-match enabled enabled enabled lower-class enabled enabled enabled upper-class enabled enabled enabled digits-class enabled enabled enabled special-class enabled enabled enabled expiration-warning 15 15 15 expiration 180 180 180 history-cnt 10 10 10 len-min 8 8 8
Rest API	GET https://<id>/nvue_v1/system/security/password_hardening
Related Commands	nv set system security password-hardening
Notes	Password hardening rules are applied only to locally stored passwords

nv set system security password-hardening state

	nv set system security password-hardening state <enabled/disabled> Enable or disable the password hardening feature
Syntax Description	state	enabled/disabled
Default	enabled
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening state enabled`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/state/
Related Commands	nv show system security password-hardening
Notes	When password hardening is enabled - the switch does not accept hashed passwords

nv set system security password-hardening digits-class

	nv set system security password-hardening digits-class<enabled/disabled> Enable or disable the requirement to enforce digits in the password
Syntax Description	digits-class	enabled/disabled
Default	enabled
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening state enabled`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/digits-class/
Related Commands	nv show system security password-hardening
Notes

nv set system security password-hardening expiration

	nv set system security password-hardening expiration [<integer days>] Number of days for password validity, afterwards user will be prompted to change his password
Syntax Description	expiration	expiration days (1-365)
Default	180
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening expiration 200`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/expiration/
Related Commands	nv show system security password-hardening
Notes

nv set system security password-hardening expiration-warning

	nv set system security password-hardening expiration-warning [<integer days>] Number of days for password warning which will alert the user that he needs to change his password before it expires. The alert will appear on the login screen for the user
Syntax Description	expiration-warning	warning days (1-30)
Default	15
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening expiration-warning 10`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/expiration-warning/
Related Commands	nv show system security password-hardening
Notes

nv set system security password-hardening history-cnt

	nv set system security password-hardening history-cnt [<integer count>] Number of passwords the system will compare the current password against. If the password is equal to one of the previously configured password - the system will reject it
Syntax Description	history-cnt	history count (1-100)
Default	10
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening history-cnt 5`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/history-cnt/
Related Commands	nv show system security password-hardening
Notes

nv set system security password-hardening len-min

	nv set system security password-hardening len-min [<integer length>] Set the minimum length for a password
Syntax Description	len-min	length (6-32)
Default	8
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening len-min 10`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/len-min/
Related Commands	nv show system security password-hardening
Notes

nv set system security password-hardening lower-class

	nv set system security password-hardening lower-class <enabled/disabled> Enable or disable the requirement to enforce lower case letters in the password
Syntax Description	lower-class	enabled/disabled
Default	enabled
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening lower-class <enabled/disabled>`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/lower-class/
Related Commands	nv show system security password-hardening
Notes

nv set system security password-hardening reject-user-passw-match

	nv set system security password-hardening reject-user-passw-match<enabled/disabled> Enable or disable allowing the username and password to be identical
Syntax Description	reject-user-passw-match	enabled/disabled
Default	enabled
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening state <enabled/disabled>`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/reject-user-passw-match/
Related Commands	nv show system security password-hardening
Notes

nv set system security password-hardening special-class

	nv set system security password-hardening special-class <enabled/disabled> Enable or disable the requirement to enforce special characters in the password.
Syntax Description	special-class	feature state
Default	enabled
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening special-class disabled`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/special-class/
Related Commands	nv show system security password-hardening
Notes	The special characters allowed are: `~!@#$%^&*()-_+=\|[{}];:',<.>/? and white space These characters must be accompanied by quotation marks "" in order to be received correctly in the password string. Example: nv set system aaa user example password "123%$Aabcv"

nv set system security password-hardening upper-class

	nv set system security password-hardening upper-class <enabled/disabled> Enable or disable the requirement to enforce upper case letters in the password.
Syntax Description	upper-class	enabled/disabled
Default	enabled
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system security password-hardening upper-class enabled`
REST API	PATCH https://<id>/nvue_v1/system/security/password_hardening/upper-class/
Related Commands	nv show system security password-hardening
Notes

© Copyright 2024, NVIDIA. Last updated on Jan 8, 2025.