The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Secure Storage feature protects critical configuration information by encrypting it. This includes asymmetric key-pairs, pre-shared secrets, the type 6 password encryption key, and specific credentials. To ensure security, an instance-unique encryption key is stored within the hardware trust anchor, preventing unauthorized access or compromise.
Secure storage is disabled by default. Perform this task to enable secure storage.
|
Step 1 |
enable Example:Enables privileged EXEC mode. Enter your password, if prompted. |
||
|
Step 2 |
configure terminal Example:Enters global configuration mode. |
||
|
Step 3 |
[no] service private-config-encryption Example:Enables secure storage on the device. Use the no form of this command to disable secure storage on the device
|
||
|
Step 4 |
end Example:Returns to privileged EXEC mode. |
||
|
Step 5 |
write memory Example:Encrypts the private-config file and saves the file in an encrypted format. |
The following is a sample output to verify if encryption status is enabled.
Device# show parser encrypt file status
Feature: Enabled
File Format: Cipher text
Encryption Version: ver1 In this example, the file format is displayed as Cipher text. This indicates that file is encrypted and secure storage is enabled.
Feedback