• Author : Baptiste Covolato

 
 

Secure boot

Description Secure boot is an anti tamper mechanism. It verifies the cryptographic signature embedded in an EOS SWI image to validate its authenticity. Upon startup, with the feature turned on, the Aboot bootloader is going to verify the signature against the Arista root certificate. This certificate is burnt into the switch at manufacturing time. Certificates used by Arista to sign SWIs are derived from this secure boot root certificate, allowing it to verify any image coming from Arista. If the verification is successful, the switch proceeds as usual and boots the trusted image. On the contrary, if the verification fails,...
Continue reading →

Hardware watchdog control

This feature allows the possibility to enable/disable the hardware watchdog. By default the hardware watchdog is enabled if supported. Platform compatibility This feature is supported on all Arista Hardware. Note: vEOS, vEOS vRouter and EOS on whitebox do not contain this feature. Configuration The configuration of the hardware watchdog can be done by using the “hardware system-controller watchdog” command in configuration mode. The following examples show respectively how to disable the hardware watchdog and how to re-enable it: Arista#configure Arista(config)#no hardware system-controller watchdog Arista#configure Arista(config)#hardware system-controller watchdog Status – show command The user can determine the state of the hardware...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: