Chapter 7 System Security; Per-Chassis Key Identifier - Cisco ASR 5500 Administration Manual
Asr 5500 system administration guide, staros release 19
Hide thumbs
Also See for ASR 5500:
- System administration manual (430 pages) ,
- Installation manual (192 pages) ,
- Installation procedure overview (6 pages)
Table of Contents
Advertisement
System Security
This chapter describes the security features supported on the ASR 5500 platform.
This chapter explores the following topics:
•
•
•
•
•
Per-Chassis Key Identifier
A user can set a unique chassis key which will work only for a chassis or for any set of chassis that will share
the same configuration information.
The chassis key consists of 1 to 16 alphanumeric ASCII characters. The chassis key plain-text value is never
displayed to the user; it is entered interactively and not echoed to the user.
On the ASR5500 the encrypted chassis key is stored in the midplane EEPROM and shared by both MIO/UMIOs.
If the chassis key identifier stored in the header comment line of the configuration file does not match the
chassis key, an error message is displayed to the user. The user can change the chassis key value simply by
entering the chassis key again. The previous chassis key is replaced by a new chassis key. The user is not
required to enter a chassis key.
If the user does not configure a chassis key, the system generates a unique value for that chassis.
Important
Per-Chassis Key Identifier, page 81
Encrypted SNMP Community Strings, page 84
Lawful Intercept Restrictions, page 84
Adding, Modifying and Removing Users, page 85
Test-Commands, page 86
Changing a chassis key may invalidate previously generated configurations. This is because any secret
portions of the earlier generated configuration will have used a different encryption key. For this reason
the configuration needs to be recreated and restored.
C H A P T E R
ASR 5500 System Administration Guide, StarOS Release 19
7
81
Advertisement
Table of Contents
Troubleshooting
