Configuration File Encryption
Configuration Condition
- To encrypt the configuration file, you need to insert the USB device.
Configure Configuration File Encryption
The configuration file encryption adopts the SM4 algorithm to encrypt the configuration file. The key is specified by the user. After the user specifies the key, encrypt the configuration file when executing the write action next time.
Operation record encryption adopts the SM4 algorithm to encrypt the configuration and the key is specified by the user. After the user specifies the key, start encrypting the subsequent operation record.
Table 6-7 Configuration file encryption and operation record encryption
Step
|
Command
|
Description
|
Enter the global configuration mode
|
config terminal
|
-
|
Configuration file encryption
|
service encryption startup algorithms SM4 key password
|
Configuration file encryption, the user specifies the key
|
Operation record encryption
|
service encryption history algorithms SM4 key password
|
Operation record encryption, the user specifies the key
|
-
The configuration file encryption takes effect during the next write action after configuring the encryption function. The operation record encryption takes effect at once after configuring the encryption function.
- To configure the encryption function, you need to insert the external USB device. The operation record encryption function does not need the USB device.