Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch
51525354555657585960
After you permanently save security configurations to the current startupconfig file using the
write memory command, you can view and manage security settings with the following
commands.
show config
Displays the configuration settings in the current startup-config file.
copy config
copy config source-filename config target-filename: Makes a local copy
of an existing startup-config file by copying the contents of the startup-config file in one
memory slot to a new startup-config file in another, empty memory slot.
copy config tftp
Uploads a configuration file from the switch to a TFTP server
copy tftp config
Downloads a configuration file from a TFTP server to the switch.
copy config xmodem
Uploads a configuration file from the switch to an Xmodem host.
copy xmodem config
Downloads a configuration file from an Xmodem host to the switch.
For more information, see “Transferring Startup-Config Files To or From a Remote Server” in
the Management and Configuration Guide.
The switch can store up to three configuration files. Each configuration file contains its own
security credentials and these security configurations can differ. It is the responsibility of the
system administrator to ensure that the appropriate security credentials are contained in the
configuration file that is loaded with each software image and that all security credentials in
the file are supported.
If you have already enabled the storage of security credentials (including local manager and
operator passwords) by entering the include credentials command, the
Reset-on-clearoption is disabled. When you press the Clear button on the front panel,
the manager and operator usernames and passwords are deleted from the running
configuration. However, the switch does not reboot after the local passwords are erased. (The
Reset-on-clear option normally reboots the switch when you press the Clear button.)
See “Configuring front panel security” (page 40).
If you load a prior software version that does not contain the encryptcredentials feature,
it is important to back up the configuration and then execute the erase startup command
on the switch. Features that have encrypted parameters configured will not work until those
parameters are cleared and reconfigured.
HP recommends that when executing an encrypted-<option> command, you copy and
paste the encrypted parameter from a known encrypted password that has been generated
on the same switch or another switch with the same pre-shared key (whether user-specified or
a default key). If an incorrectly encrypted parameter is used, it is highly likely that the decrypted
version will contain incorrect characters, and neither key function correctly or be displayed
in any show command.
Interaction with include-credentials settings
The following table shows the interaction between include-credentials settings and
encrypt-credentials settings when displaying or transferring the configuration.
Operating Notes 51