Security
7705 SAR OS System Management Guide 79
hash-control
Syntax hash-control [read-version {1 | 2 | all}] [write-version {1 | 2}]
no hash-control
Context config>system>security
Description Whenever the user executes a save or info command, the system will encrypt all passwords, keys, and
so on for security reasons. At present, two algorithms exist.
The first algorithm is a simple, short key that can be copied and pasted in a different location when the
user wants to configure the same password. However, because it is the same password and the hash
key is limited to the password/key, it is obvious that it is the same key.
The second algorithm is a more complex key, and cannot be copied and pasted in different locations
in the configuration file. In this case, if the same key or password is used repeatedly in different
contexts, each encrypted (hashed) version will be different.
Default all — read-version set to accept both versions 1 and 2
Parameters read-version {1 | 2 | all} — when the read-version is configured as “all,” both versions 1 and 2
will be accepted by the system. Otherwise, only the selected version will be accepted when
reading configuration or exec files. The presence of incorrect hash versions will abort the
script/startup.
write-version {1 | 2} — selects the hash version that will be used the next time the configuration
file is saved (or an info command is executed). Be careful to save the read and write version
correctly, so that the file can be properly processed after the next reboot or exec.
source-address
Syntax source-address
Context config>system>security
Description This command specifies the source address that should be used in all unsolicited packets sent by the
application.
application
Syntax application app [ip-int-name | ip-address]
no application app
Context config>system>security>source-address
Description This command specifies the application to use the source IPv4 address specified by the source-
address command.
To Next Page
Loading...
