C613-50100-01 REV C Command Reference for x930 Series 243
AlliedWare Plus™ Operating System - Version 5.4.6-1.x
SYSTEM CONFIGURATION AND MONITORING COMMANDS
CRYPTO
SECURE-MODE
crypto secure-mode
Overview Use this command to put the device into secure mode. When in secure mode, the
following are disabled:
•Telnet
• SSHv1
•SNMPv1/v2
• All privilege levels except 1 and 15
• Weak cryptographic algorithms e.g. MD5, RSA1, DSA, etc.
Use the no variant of this command to leave secure mode. You should delete all
sensitive information first; see the Example section below.
Syntax
crypto secure-mode
no crypto secure-mode
Default By default, the switch is not in secure mode.
Mode Global Configuration
Usage Before entering secure mode, the flash should first be erased completely using the
bootloader. To do this, on boot-up, use Ctrl-D to enter the diagnostic menu, select
option 7 “Bootup stage 2 diagnostics menu”, and then select option 4 “Erase
FLASH (Filesystem only)”. The switch should be rebooted after completion of the
erase process.
Example To enter secure mode, use the commands:
awplus# configure terminal
awplus(config)# crypto secure-mode
awplus(config)# exit
awplus# write
awplus# reboot
To confirm that the switch is in secure mode, use the command:
awplus# show secure-mode
The following message should be displayed:
Secure mode is enabled
To Next Page
Loading...
Need help?
General
