No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
Atlas 900 Compute Node 1.0.7 to 1.0.10 npu-smi Command Reference 04
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Revoking a Key

Revoking a Key

Function

npu-smi set -t revocate -i id -c chip_id -f file_path command is used to revoke a key.

  • This product can work in SMP or AMP mode. When it works in AMP mode, only the key on the specified NPU is revoked. When it works in SMP mode, a message is displayed, asking you whether to revoke keys on all NPUs. If you enter y, keys on all NPUs are revoked. If you enter n, the revocation operation quits.
  • To query the working mode, log in to the iBMC and run the ipmcget -d npu command.
  • For details about how to switch the working mode, see "Querying and Setting the NPU Chip Working Mode" in the Atlas 900 Compute Node iBMC (V3.01.00.00 or Later) User Guide.
  • Revoking a key is irreversible. If a key is revoked, it cannot be restored. Exercise caution when performing this operation.

Syntax

npu-smi set -t revocate -i id -c chip_id -f file_path

Parameters

Parameter

Description

id

NPU ID.

chip_id

Chip ID.

file_path

Path of the key revocation file.

The file path can contain only letters, digits, underscores (_), periods (.), slashes (/), and hyphens (-).

NOTE:

For details about how to obtain the key revocation file, contact Huawei technical support.

Restrictions

  • This command must be run as the root user on a physical machine. If it is run as a non-root user on the physical machine, in a container, or on a VM, an error is reported.
  • This command is used only when you need to revoke a key and a correct revocation file has been obtained. Otherwise, the command fails to be executed.
  • The device is no longer available after key revocation.

Example

#Revoke a key on NPU 2 in AMP mode.

npu-smi set -t revocate -i 2 -c 0 -f ***_CERT.data
        Status                         : OK         
        Message                        : Set server revocate successfully

#Revoke a key on NPU 2 in SMP mode.

npu-smi set -t revocate -i 2 -c 0 -f ***_CERT.data
It's SMP mode, it will revoke all device's certificates, do you want to continue revoke? [y/n]
n
npu-smi set -t revocate -i 2 -c 0 -f ***_CERT.data
It's SMP mode, it will revoke all device's certificates, do you want to continue revoke? [y/n]
y
        Status                         : OK         
        Message                        : Set server revocate successfully

Replace ***_CERT.data with the actual name of the key revocation file.

Translation
简体中文
Download
Updated: 2021-08-06

Document ID: EDOC1100152128

Views: 8743

Downloads: 6

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :