Software Authentication Manager Commands on Cisco IOS XR Software
sam verify
|
|
| If the message digest matches the message digest generated by the sam verify command, the software | |
|
|
| component is valid. | |
|
|
|
|
|
Note | You should calculate the hash code on the contents of the flash memory code at the destination | |||
|
|
| networking device using a different set of files from the one loaded on the flash memory card. It is | |
|
|
| possible for an unauthorized person to use the same software version to produce the desired (matching) | |
|
|
| hash code and thereby disguise that someone has tampered with the new software. | |
|
|
|
|
|
|
|
|
|
|
Examples | The following example shows how to use MD5 to generate a message digest on the entire file system on | |||
|
|
| the flash memory card in slot 0 and then use that message digest as input to perform the digest | |
|
|
| comparison. The example shows a third sam verify command, issued with a mismatched message digest, | |
|
|
| to show the Software Authentication Manager (SAM) response to a mismatch. | |
|
|
| RP/0/RP0/CPU0:router# sam verify disk0: MD5 | |
|
|
| Total file count in disk0: = 813 | |
|
|
| 082183cb6e65a44fd7ca95fe8e93def6 | |
|
|
| RP/0/RP0/CPU0:router# sam verify disk0: MD5 082183cb6e65a44fd7ca95fe8e93def6 | |
|
|
| Total file count in disk0: = 813 | |
|
|
| Same digest values | |
|
|
| RP/0/RP0/CPU0:router# sam verify disk0: MD5 3216c9282d97ee7a40b78a4e401158bd | |
|
|
| Total file count in disk0: = 813 | |
|
|
| Different digest values | |
|
|
| The following example shows how to use MD5 to generate a message digest and then uses that message | |
|
|
| digest as input to perform the digest comparison: | |
|
|
| RP/0/RP0/CPU0:router# sam verify disk0: /crl_revoked.bin MD5 | |
|
|
| 38243ffbbe6cdb7a12fa9fa6452956ac | |
|
|
| RP/0/RP0/CPU0:router# sam verify disk0: /crl_revoked.bin MD5 | |
|
|
| 38243ffbbe6cdb7a12fa9fa6452956ac | |
|
|
| Same digest values |
Cisco IOS XR System Security Command Reference