The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The MD5 File Validation feature provides a Cisco IOS software command you can use to ensure file validation using the Message Digest 5 (MD5) algorithm in the Cisco IOS File System (IFS).
The MD5 File Validation feature allows you to check the integrity of a Cisco IOS software image by comparing its MD5 checksum value against a known MD5 checksum value for the image. MD5 values are now made available on Cisco.com for all Cisco IOS software images for comparison against local system image values.
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for MD5 File Validation" section.
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
•Restrictions for MD5 File Validation
•Information About MD5 File Validation
•How to Validate Files Using the MD5 Algorithm
•Configuration Examples for MD5 File Validation
•Feature Information for MD5 File Validation
The MD5 File Validation feature can only be used to check the integrity of a Cisco IOS software image that is stored on a Cisco IOS device. It cannot be used to check the integrity of an image on a remote file system or an image running in memory.
To configure the MD5 File Validation feature, you should understand the following concept:
The MD5 File Validation feature provides a mechanism for users to verify that system image files are not corrupted or incomplete. This feature uses the industry-standard MD5 algorithm for improved reliability and security. MD5 file validation computes and displays the MD5 values from the Cisco IOS command-line interface (CLI). Files do not have to be checked on another device.
Note The MD5 file does not have to be on the router in order to verify the Cisco IOS software image.
This section contains the following task:
The MD5 File Validation feature allows you to generate the MD5 checksum for the Cisco IOS image stored on your router and compare it to the value posted on Cisco.com to verify that the image on your router is not corrupted.
Perform this task to run the MD5 integrity check after transferring an image file.
You can obtain the MD5 value for your system image from the Software Center at Cisco.com. The most convenient way to get this value is to click the name of the file prior to download. For example, if you select the 12.2.2T4 Release for the 3640 Platform with the Enterprise Plus Feature Set, before clicking the Download button, you can click the filename for the image (c3640-js-mz.122-2.T4.bin) and the image information will be displayed.
Image information typically includes the Release, Description, File Size, BSD Checksum, Router Checksum, Date Published, and MD5 value for the image. You should record the MD5 value for the image prior to download. However, if you do not have the MD5 value for a previously downloaded image, you can select the same image on Cisco.com (using the same process you would use to download the image) to get the MD5 value.
1. enable
2. verify /md5 filesystem:filename
or
verify /md5 filesystem:filename md5-value
A mismatch in MD5 values means that either the image is corrupt or the wrong MD5 value was entered.
This section provides the following configuration example:
In the following example, the /md5 keyword is used to display the MD5 value for the image stored in disk1 of the device. The MD5 value shown in the last line can be compared to the value provided on Cisco.com.
Router# verify /md5 disk1:
Verify filename []? c7200-js-mz
..................................
..................................
..................................
..................................
..................................
...............................Done!
verify /md5 (disk1:c7200-js-mz) = 0f369ed9e98756f179d4f29d6e7755d3
In the following example, the known MD5 value for the image is specified in the verify command, and the system checks the value against the stored value:
Router# verify /md5 disk1:c7200-js-mz ?
WORD Expected md5 signature
<cr>
router# verify /md5 disk1:c7200-js-mz 0f369ed9e98756f179d4f29d6e7755d3
..................................
..................................
..................................
..................................
..................................
...............................Done!
Verified (disk1:c7200-js-mz) = 0f369ed9e98756f179d4f29d6e7755d3
The following sections provide references related to the MD5 File Validation feature.
|
|
---|---|
Additional commands for loading, maintaining, and rebooting system images |
Cisco IOS Configuration Fundamentals Command Reference |
|
|
---|---|
None |
— |
|
|
---|---|
•None |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
|
|
---|---|
RFC 1321 |
MD5 Message-Digest Algorithm |
The following commands are introduced or modified in the feature or features documented in this module. For information about these commands, see the Cisco IOS Configuration Fundamentals Command Reference at http://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_book.html. For information about all Cisco IOS commands, use the Command Lookup Tool at http://tools.cisco.com/Support/CLILookup or the Cisco IOS Master Command List, All Releases, at http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_book.html.
•verify
Table 1 lists the release history for this feature.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.