Manualshelf

User manual

ManualsBrandsCisco Systems ManualsOtherFrozen Dessert Maker SR-207
12345678910
Software Authentication Manager Commands on Cisco IOS XR Software
sam verify
SR-215
Cisco IOS XR System Security Command Reference
If the message digest matches the message digest generated by the sam verify command, the software
component is valid.
Note You should calculate the hash code on the contents of the flash memory code at the destination
networking device using a different set of files from the one loaded on the flash memory card. It is
possible for an unauthorized person to use the same software version to produce the desired (matching)
hash code and thereby disguise that someone has tampered with the new software.
Examples The following example shows how to use MD5 to generate a message digest on the entire file system on
the flash memory card in slot 0 and then use that message digest as input to perform the digest
comparison. The example shows a third sam verify command, issued with a mismatched message digest,
to show the Software Authentication Manager (SAM) response to a mismatch.
RP/0/RP0/CPU0:router# sam verify disk0: MD5
Total file count in disk0: = 813
082183cb6e65a44fd7ca95fe8e93def6
RP/0/RP0/CPU0:router# sam verify disk0: MD5 082183cb6e65a44fd7ca95fe8e93def6
Total file count in disk0: = 813
Same digest values
RP/0/RP0/CPU0:router# sam verify disk0: MD5 3216c9282d97ee7a40b78a4e401158bd
Total file count in disk0: = 813
Different digest values
The following example shows how to use MD5 to generate a message digest and then uses that message
digest as input to perform the digest comparison:
RP/0/RP0/CPU0:router# sam verify disk0: /crl_revoked.bin MD5
38243ffbbe6cdb7a12fa9fa6452956ac
RP/0/RP0/CPU0:router# sam verify disk0: /crl_revoked.bin MD5
38243ffbbe6cdb7a12fa9fa6452956ac
Same digest values