Verifying the flash is signed
Enter this command to verify that the firmware image has been verified and signed.
Syntax
verify signature flash <primary | secondary>
Verifies the signature of a switch’s firmware image .
Setting the diagnostic level
The diagnostic level should be set to standard when using enhanced secure mode. To display the diagnostic level, enter the show diagnostic-level command.
To set the diagnostic level from the ROM console, enter this command.
Syntax
diagnostic-level <standard | support>
Sets the diagnostic level.
Zeroizing from the ROM console
It is possible to zeroize the file storage from the ROM console of the switch, using the erase-all zeroize command at the prompt. This most likely occurs during a switch recovery process.
=> erase-all zeroize
The system will be rebooted and all management module files
except software images will be erased and zeroized. This will
take up to 60 minutes and the switch will not be usable during
that time. Continue (y/n)? y
Error messages that may occur when executing secure-mode:
|
Initial check failure message:
|
This command can only be run on a serial terminal
|
|
Possible pre-check failure messages:
|
-
The default boot image is not set.
-
The default boot image must be the same image that is running
-
Standby Management Module is not responding
-
Active and Standby Management Modules are not in sync
-
The current software image was downloaded with an older software version and does not have its signature. Download the image again.
|
|
After rebooting:
|
Secure-mode transition failed. Standby Management Module is not responding.
|