CHAPTER 16
Configuring Secure Storage
• Information About Secure Storage, on page 299
• Enabling Secure Storage , on page 299
• Disabling Secure Storage , on page 300
• Verifying the Status of Encryption, on page 300
• Feature Information for Secure Storage, on page 301
Information About Secure Storage
Secure Storage feature allows you to secure critical configuration information by encrypting it. It encrypts
asymmetric key-pairs, pre-shared secrets, the type 6 password encryption key and certain credentials. An
instance-unique encryption key is stored in the hardware trust anchor to prevent it from being compromised.
By default, this feature is enabled on devices that come with a hardware trust anchor. This feature is not
supported on devices that do not have hardware trust anchor.
Enabling Secure Storage
Before you begin
By default, this feature is enabled. Perform this procedure only after disabling secure storage on the device.
Procedure
PurposeCommand or Action
Enters the global configuration mode.configure terminal
Example:
Step 1
Device# configure terminal
Enables the Secure Storage feature on your
device.
service private-config-encryption
Example:
Step 2
DEvice(config)# service
private-config-encryption
System Management Configuration Guide, Cisco IOS XE Amsterdam 17.2.x (Catalyst 9500 Switches)
299
To Next Page
Loading...
