Filter
Top Products
File Transfers
Using USB Autorun
Event Log or Syslog. For details on how to use the switch’s event log or
syslog for help in isolating autorun-related problems, see “Using the Event Log
for Troubleshooting Switch Problems” on page C-27.
Configuring Autorun on the Switch
To enable/disable the autorun feature on the switch, the following commands
can be executed from configuration mode in the CLI.
Syntax: [no] autorun [encryption-key <key-string> | secure-mode]
Enables/disables USB autorun on the switch.
Use the
encryption-key keyword to configure or remove an
encryption-key (a base-64 encoded string). The encryption key
is a pre-requisite for enabling autorun in secure-mode.
Encryption is regarded only when the AutoRun file is also
signed by an authentic source.
Use the
secure-mode keyword to enable or disable secure mode
for autorun.
Default: Enabled (or Disabled if a password has been set).
Enabling Secure Mode
Autorun secure mode can be used to verify the authenticity of autorun
command files. Secure-mode is configured using the autorun secure-mode
command and can be enabled under the following conditions:
■ an encryption-key has already been configured using the autorun
encryption key command; and
■ a trusted certificate for verifying autorun command files has been copied
to the switch using the copy <tftp | usb> autorun-cert-file command.
There is an additional security option to install a valid key-pair for signing the
result files that are generated during autorun operations. The key-pair can be
generated on the switch using the crypto key generate autorun [rsa] command.
Note The key-pair can also be installed from a tftp server or via the usb port using
copy <tftp | usb> autorun-key-file <ipaddr filename> command. The filename must
contain the private key and the matching public key in a X509 certificate
structure. Both the private key and the X509 certificate must be in PEM format.
A-50