Security Keys

When any security keys should be used with ibdiagnet, it can use option security keys to provide path to all security files that should be used:

Parameter	Description
--security_keys <path to key file>	Specifies the path to the directory with the key files. (guid2lid, guid2mkey, neighbors, guid2vskey, guid2cckey, guid2_m2n_key, guid2pmkey).

Parameter

Description

--security_keys <path to key file>

Specifies the path to the directory with the key files.

(guid2lid, guid2mkey, neighbors, guid2vskey, guid2cckey, guid2_m2n_key, guid2pmkey).

File names

Type	File names
Management Key (MKEY)	guid2lid guid2mkey neighbors guid2vskey
VendorSpecific Key (VS Key)	guid2vskey
CongestionControl Key (CC Key)	guid2cckey
Manager2Node Key (M2N Key)	guid2_m2n_key
Performance Management Key (VS Key)	guid2pmkey

Management Key (MKEY)

When MKEY protection is enabled by the Subnet Manager on the fabric devices, the following command options should be used in ibdiagnet:

Parameter	Description
--m_key <m_key>	Specifies constant MKey for the fabric. The MKey value should be specified when a single MKEY is shared by all InfiniBand devices. The mkey value can be obtained from the opensm.conf file (m_key parameter).

Parameter

Description

--m_key <m_key>

Specifies constant MKey for the fabric. The MKey value should be specified when a single MKEY is shared by all InfiniBand devices.

The mkey value can be obtained from the opensm.conf file (m_key parameter).

Example of guid2mkey/guid2cckey/guid2vskey file:

0x0002c9000000001e 0x0000000000000111
0x0002c9000000002a 0x0000000000000222
0x0002c90000000026 0x0000000000000333
0x0002c90000000006 0x0000000000000444

Example of guid2lid file:

0x0002c9000000004b 0x0027 0x0027
0x0002c9000000002a 0x001a 0x001b
0x0002c90000000006 0x0004 0x0005
0x0002c90000000047 0x000e 0x000e

Example of neighbours file:

0x0002c9000000004d:4 0x0002c9000000000e:1
0x0002c9000000004b:1 0x0002c9000000002e:1
0x0002c90000000049:2 0x0002c90000000022:1
0x0002c90000000006:1 0x0002c9000000004d:2

Example:

ibdiagnet --mkey 0x00ff
ibdiagnet --security_keys /var/cache/opensm/
ibdiagnet --security_keys /tmp/opensm_mkey_files/

VendorSpecific Key (VS Key)

When VendorSpecific keys are generated and provisioned by the Subnet Manager, VendorSpecific keys should be sent in VendorSpecific MADs per endport.

Parameter	Description
--vs_key <vs_key>	Specifies constant vs_key. VendorSpecific Key parameter value format: 0x<hex_value>

Example of guid2vskey FILE:

0x0000000000000111 0x0000000000000001
0x0000000000000222 0x2
0x0000000000000333 0x0000000003
0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --vs_key 0x0000000000000123
ibdiagnet --vs_key 0x123

CongestionControl Key (CC Key)

When CongestionControl keys are generated and provisioned by the Subnet Manager, CongestionControl keys should be sent in CongestionControl (CC) MADs perend port.

Parameter	Description
--cc_key <cc_key>	Specifies constant cc_key. CC Key parameter value format: 0x<hex_value>

Example of guid2cckey FILE:

0x0000000000000111 0x0000000000000001
0x0000000000000222 0x2
0x0000000000000333 0x0000000003
0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --cc_key 0x0000000000000123
ibdiagnet --cc_key 0x123

Manager2Node Key (M2N Key)

When Manager2Node keys are generated and provisioned by the Subnet Manager, Manager2Node keys should be sent in M2N (pFRN) MADs per node.

Parameter	Description
--m2n_key <m2n_key>	Specifies constant m2n_key for the fabric. M2N Key parameter value format: 0x<hex_value>

Example of guid2_m2n_key FILE:

0x0000000000000111 0x0000000000000001
0x0000000000000222 0x2
0x0000000000000333 0x0000000003
0x0000000000000444 0x0000000000000004

Examples:

ibdiagnet --m2n_key 0x0000000000000123
ibdiagnet --m2n_key 0x123

Performance Management Key (VS Key)

When PerformanceManagement keys are generated and provisioned by the Subnet Manager, PerformanceManagement keys should be sent in PerformanceManagement MADs per endport.

Parameter	Description
--pm_key <vs_key>	Specifies constant pm_key. PerformanceManagement Key parameter value format: 0x<hex_value>
--pm_key_file <path_to_pm_key_file>	Specifies the path to pm_key_file: guid2pm_key. The guid2pm_key file includes pair of values GUID and key in the following format: 0x<guid_hex_value> 0x<pm_key_hex_value> (Deprecated, see --security_keys).

Parameter

Description

--pm_key <vs_key>

Specifies constant pm_key.
PerformanceManagement Key parameter value format: 0x<hex_value>

--pm_key_file <path_to_pm_key_file>

Specifies the path to pm_key_file: guid2pm_key.
The guid2pm_key file includes pair of values GUID and key in the following format:
0x<guid_hex_value> 0x<pm_key_hex_value>

(Deprecated, see --security_keys).

Example of guid2pmkey FILE:

0x0000000000000111 0x0000000000000001
0x0000000000000222 0x2
0x0000000000000333 0x0000000003
0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --vs_key 0x0000000000000123
ibdiagnet --vs_key 0x123

Aggregation Management Key (AMKey)

Aggregation Management Key (AM key) is sent in SHARP Management MADs to the Aggregation nodes. (default 0). Aggregation management key is configured in SHARP Aggregation Manager configuration file.

Parameter	Description
--am_key <am_key>	Specifies constant am_key. AM Key parameter value format: `0x<hex_value>`
--am_key_file <path_to_am_key_file>	Specifies the path to am_key_file: guid2am_key. The guid2am_key file includes pair of values GUID and key in the following format: `0x<guid_hex_value> 0x<am_key_hex_value>`

Example of guid2amkey file:

0x0000000000000111 0x0000000000000001
0x0000000000000222 0x2
0x0000000000000333 0x0000000003
0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --am_key 0x0000000000000123
ibdiagnet --am_key 0x123
ibdiagnet --am_key_file /tmp/guid2am_key
ibdiagnet --am_key_file /tmp/am_keys

Last updated: June 03, 2026