Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

831

832

833

834

835

836

837

838

839

840

The system continues to display a message stating that startup configuration verification failed. You can disable the startup configuration

feature either by disabling startup configuration verification or save the running configuration to the startup configuration and update the

hash for the startup configuration.

Enabling and Configuring Startup Configuration Hash Verification

To enable and configure startup configuration hash verification, follow these steps:

1. Enable the startup configuration hash verification feature.

CONFIGURATION mode

verified startup-config

2. Generate the hash checksum for your startup configuration file.

EXEC Privilege

generate hash {md5 | sha1 | sha256} {flash://filename | startup-config}

3. Verify the hash checksum of the current startup configuration on the local file system.

EXEC Privilege

verified boot hash startup—config hash-value

NOTE: The verified boot hash command is only applicable for the startup configuration file in the local file

system.

After enabling and configuring startup configuration verification, the device verifies the hash checksum of the startup configuration during

every reload.

DellEMC# verified boot hash startup—config 619A8C1B7A2BC9692A221E2151B9DA9E

Configuring the root User Password

For added security, you can change the root user password.

If you configure the secure-cli command on the system, the Dell EMC Networking OS resets any previously-configured root access

password without displaying any warning message. With the secure-cli command enabled on the system, the CONFIGURATION

mode does not display the root access password option.

To change the default root user password, follow these steps:

• Change the default root user password.

CONFIGURATION mode

root-access password [encryption-type] root-password

Enter an encryption type for the root password.

• 0 directs the system to store the password as clear text.

• 7 directs the system to store the password with a dynamic salt.

• 9 directs the system to encrypt the clear text password and store the encrypted password in an inaccessible location.

When you configure the root access password, ensure that your password meets the following criteria:

• A minimum of eight characters in length

• A minimum of one lower case letter (a to z)

• A minimum of one upper case letter (A to Z)

• A minimum of one numeric character (0 to 9)

• A minimum of one special character including a space (" !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~")

DellEMC)# show running-config | g root

root-access password 7 f4dc0cb9787722dd1084d17f417f164cc7f730d4f03d4f0215294cbd899614e3

Enabling User Lockout for Failed Login Attempts

You can configure the system to lock out local users for a specific period for unsuccessful login attempts.

This feature enhances the security of the switch by locking out the local user account if there are more number of unsuccessful login

attempts than what is configured using the max-retry parameter. To enable the user lock out feature, use the following commands:

Security

837