C613-50631-01 Rev A Command Reference for IE340 Series 2515
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
PUBLIC KEY INFRASTRUCTURE AND CRYPTO COMMANDS
CRYPTO
SECURE-MODE
crypto secure-mode
Overview Use this command to put the device into Secure Mode. When in Secure Mode, the
following are disabled:
•Telnet
• SSHv1
•SNMPv1/v2
• All privilege levels except 1 and 15
• Algorithms that are not supported under FIPS, including MD5, RSA-1 and
DSA
• The ability to store passwords in cleartext and to specify an enable
password.
In Secure Mode, the web server on the device (used by the Device GUI) only
accepts AES128-SHA ciphers.
Note: Stacking is not supported in Secure Mode.
Use the no variant of this command to leave Secure Mode. You should delete all
sensitive information first; see the "Getting Started with AlliedWare Plus" Feature
Overview and Configuration Guide.
Syntax
crypto secure-mode
no crypto secure-mode
Default By default, the device is not in Secure Mode.
Mode Global Configuration
Example For step-by-step instructions about how to enter and leave Secure Mode, see “How
to Enable Secure Mode” in the "Getting Started with AlliedWare Plus" Feature
Overview and Configuration Guide.
Related
commands
boot system
crypto key zeroize
crypto pki trustpoint
crypto verify
show secure-mode
Command
changes
Version 5.4.6-1.1: command added to x930 Series
Version 5.4.8-1.2: command added to x220, XS900MX, x550 Series
Version 5.4.8-2.1: command added to SBx908 GEN2, x950 Series
To Next Page
Loading...
