Secure the Cisco IOS image and archive a copy of the running configuration.
The secure boot-image command enables Cisco IOS image resilience, which hides the file from the dir command and show commands. The file cannot be viewed, copied, modified, or removed using EXEC mode commands. (It can be viewed in ROMMON mode.) When turned on for the first time, the running image is secured.
R1(config)# secure boot-image
.Feb 11 25:40:13.170: %IOS_RESILIENCE-5-IMAGE_RESIL_ACTIVE: Successfully secured running image
The secure boot-config command takes a snapshot of the router running configuration and securely archives it in persistent storage (flash).
R1(config)# secure boot-config
.Feb 11 25:42:18.691: %IOS_RESILIENCE-5-CONFIG_RESIL_ACTIVE: Successfully secured config archive [flash:.runcfg-20150211-224218.ar]
Verify that your image and configuration are secured.
You can use only the show secure bootset command to display the archived filename. Display the status of configuration resilience and the primary bootset filename.
R1# show secure bootset
IOS resilience router id FTX1111W0QF
IOS image resilience version 15.4 activated at 25:40:13 UTC Wed Feb 11 2015
Secure archive flash: c1900-universalk9-mz.SPA.154-3.M2.bin type is image (elf)
[]
file size is 75551300 bytes, run size is 75730352 bytes
Runnable image, entry point 0x8000F000, run from ram
IOS configuration resilience version 15.4 activated at 25:42:18 UTC Wed Feb 11 2015
Secure archive flash:.runcfg-20150211-224218.ar type is config
configuration archive size 3293 bytes
What is the name of the archived running config file and on what is the name based?
____________________________________________________________________________________
____________________________________________________________________________________
Share with your friends: |
