Updating a GPFS cluster to nistCompliance SP800-131A

Learn how to generate FIPS compliant authentication keys for GPFS.

About this task

A cluster upgraded from GPFS version below 4.1 may have nistCompliance set to off and may be operating with keys which are not NIST SP800-131A-compliant. When enabling FIPS at the GPFS level, this becomes an issue and the following warning might be generated:
[root@node0101 ~]# mmchconfig FIPS1402mode=yes
mmchconfig: Attention: The authentication keys for cluster gpfs-9940062_hadomain_1-cluster.apdomain.ibm.com (this cluster)
   may not be FIPS140-2 compliant. Use mmauth genkey {new | commit} to replace
   the keys as described in the 'Updating a cluster to nistCompliance SP800-131A'
   section of the documentation.
Make the system compliant with NIST SP800-131A: