Access Security Guide K/KA/KB.15.15

Operating notes for passwords in enhanced secure mode
The following rules are in effect when enhanced secure mode is enabled or the system is transitioning to enhanced secure mode.
• Switching access levels, for example, from manager to operator, requires going through the appropriate authentication process for that access level.
• Passwords must be at least 8 characters.
• The password for operator, manager, or ROM cannot be disabled. See “Secure Mode (3800, 5400zl, and 8200zl Switches)” (page 498).
• If a password is changed, it has to be entered twice, unless it is already hashed by SHA1 in the existing command for Operator or Manager.
• When setting the password at the Operator level, the word “Manager” cannot be a username; conversely, when setting a password at the Manager level, the word “Operator” cannot be a username. These are case-insensitive.
• A password is required for every login regardless of access level. The username corresponding to the login level (Manager/Operator) must be specified.
• Access to ROM functionality is password protected.
• When there is a Standby Management Module (SMM), the passwords are synchronized to the SMM.
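The rules above can be pre-checked before a password change is pushed to a switch, for example from a configuration-audit script. The following is an added example, not code from the guide or from the switch firmware; it assumes that a password already hashed by SHA1 is supplied as a 40-hex-digit digest, which is an assumption, not something the guide states.

```python
import re
from typing import List, Optional

# Access levels named by the guide; each level's counterpart is a reserved username.
RESERVED_USERNAMES = {"operator": "manager", "manager": "operator"}
MIN_PASSWORD_LENGTH = 8
# Assumption (not from the guide): an already-hashed SHA1 password is 40 hex digits.
SHA1_HEX_RE = re.compile(r"^[0-9a-fA-F]{40}$")


def check_password_change(level: str, username: str, password: str,
                          confirm: Optional[str] = None,
                          sha1_hashed: bool = False) -> List[str]:
    """Return the enhanced-secure-mode rule violations for a proposed change.

    An empty list means the change satisfies every rule modelled here:
      * a username is required, and the other level's name is not allowed
        as a username (compared case-insensitively)
      * the password cannot be disabled (empty) and must be at least 8 characters
      * a new password must be entered twice, unless it is already SHA1-hashed
    """
    problems: List[str] = []
    level_key = level.lower()
    if level_key not in RESERVED_USERNAMES:
        return [f"unknown access level {level!r}"]

    if not username:
        problems.append("a username is required for every login")
    elif username.lower() == RESERVED_USERNAMES[level_key]:
        problems.append(f"{RESERVED_USERNAMES[level_key]!r} cannot be a username "
                        f"at the {level_key} level")

    if sha1_hashed:
        # The stored digest is checked for shape only; its length rule applied
        # to the original cleartext, which we cannot see here.
        if not SHA1_HEX_RE.match(password):
            problems.append("hashed password is not a 40-hex-digit SHA1 digest")
        return problems

    if not password:
        problems.append("the password cannot be disabled")
    elif len(password) < MIN_PASSWORD_LENGTH:
        problems.append(f"password must be at least {MIN_PASSWORD_LENGTH} characters")
    if confirm is None:
        problems.append("a changed password must be entered twice")
    elif confirm != password:
        problems.append("the two password entries do not match")
    return problems
```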
Troubleshooting
Verifying the flash is signed
Enter this command to verify that the firmware image is signed and that its signature is valid.
Syntax
verify signature flash <primary | secondary>
Verifies the signature of a switch’s firmware image.
primary: Verifies the primary flash image.
secondary: Verifies the secondary flash image.
Setting the diagnostic level
The diagnostic level should be set to standard when using enhanced secure mode. To display the
diagnostic level, enter the show diagnostic-level command.
To set the diagnostic level from the ROM console, enter this command.
Syntax
diagnostic-level <standard | support>
Sets the diagnostic level.
Zeroizing from the ROM console
It is possible to zeroize the file storage from the ROM console of the switch, using the erase-all
zeroize command at the prompt. This most likely occurs during a switch recovery process.
=> erase-all zeroize
The system will be rebooted and all management module files
except software images will be erased and zeroized. This will
take up to 60 minutes and the switch will not be usable during
that time. Continue (y/n)? y
Troubleshooting 503