Cisco Cisco ASA 5520 Adaptive Security Appliance 기술 매뉴얼
Securing config
Image verification on ASA
Starting from 9.1(2) and 8.4(4.1), Support for SHA-512 image integrity checking was added. To
verify the checksum of a file, use the verify command in privileged EXEC mode.
verify the checksum of a file, use the verify command in privileged EXEC mode.
Calculates and displays the MD5 value for the specified software image. Compare this value with
the value available on Cisco.com for this image.
the value available on Cisco.com for this image.
verify [ /md5 path ] [ md5-value ]
Passwords in the config
All the passwords and the Keys are either encrypted or obfuscated . The "show running-config"
does not reveal the actual passwords.
does not reveal the actual passwords.
Such a backup cannot be used for backup/restore on ASA. The backup which is taken for restore
purposes whould be performed using the command "more system:running-config".The ASA config
passwords can be encrypted using a master pass phrase. Please refer
purposes whould be performed using the command "more system:running-config".The ASA config
passwords can be encrypted using a master pass phrase. Please refer
detailed information.
Service password recovery
Disabling this will disable password recovery mechanism and disable access to ROMMON. The
only means of recovering from lost or forgotten passwords will be for ROMMON to erase all file
systems including configuration files and images. You should make a backup of your configuration
and have a mechanism to restore images from the ROMMON command line.
only means of recovering from lost or forgotten passwords will be for ROMMON to erase all file
systems including configuration files and images. You should make a backup of your configuration
and have a mechanism to restore images from the ROMMON command line.
Troubleshoot
There is no troubleshooting section for this document.