Linksys SPA921 Cisco Small Business IP Telephony Devices Provisioning Guide - Page 40

Encrypting a File with the SPC, target, scramble

Get Linksys SPA921 - Cisco - IP Phone PDF manuals and user guides
UPC - 745883570799
View all Linksys SPA921 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 40 highlights

Creating Provisioning Scripts Encrypting a File with the SPC 2 Encrypting a File with the SPC The SPC can generate different types of configuration files, using different types of encryption. • Generic, non-targeted CFG file, without an explicit key • Targeted (--target option), also encrypts the CFG file without an explicit key, but uses the MAC address of the target IP Telephony Device, and only that device can decode it • Explicit key-based encryption of the CFG file. A generic, non-targeted CFG file is accepted as valid by any IP Telephony Device that resyncs to it. The following command generates a basic CFG file: spc spa962.txt spa962.cfg This example compiles the plain-text spa962.txt file into the binary spa962.cfg file understood by the SPA962. The --scramble option performs encryption that does not require the explicit transmission of a key to the target device. It requires one randomizing argument. For example, spc --scramble SomeSecretPhrase spa962.txt spa962.cfg The resulting encrypted spa962.cfg is accepted as valid by any IP Telephony Device that resyncs to it. The --target option also encrypts the CFG file without the need to explicitly transmit a key, but does so in such a way that only the target IP Telephony Device can decode it. Targeted CFG files provide a basic level of security. This command uses the MAC address of the target device as an argument. Refer to the following example: spc --target 000e08aabbcc spa962.txt spa962.cfg This command uses the MAC address 000e08aabbcc, and only the IP Telephony Device with that MAC address is able to decrypt and process the generated spa962.cfg profile. If any other IP Telephony Device attempts to resync to this file, the device will reject the file as unreadable. The third option performs an explicit key-based encryption of the CFG file. This option requires that the key used to encrypt the file be preprovisioned in the target device, so that it can be decoded. Cisco Small Business IP Telephony Devices Provisioning Guide 38

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
Creating Provisioning Scripts
Encrypting a File with the SPC
Cisco Small Business IP Telephony Devices Provisioning Guide
38
2
Encrypting a File with the SPC
The SPC can generate different types of configuration files, using different types
of encryption.
Generic, non-targeted CFG file, without an explicit key
Targeted (
--target
option), also encrypts the CFG file without an explicit
key, but uses the MAC address of the target IP Telephony Device, and only
that device can decode it
Explicit key-based encryption of the CFG file.
A generic, non-targeted CFG file is accepted as valid by any IP Telephony Device
that resyncs to it. The following command generates a basic CFG file:
spc spa962.txt spa962.cfg
This example compiles the plain-text spa962.txt file into the binary spa962.cfg file
understood by the SPA962. The
--scramble
option
performs encryption that does
not require the explicit transmission of a key to the target device. It requires one
randomizing argument. For example,
spc --scramble SomeSecretPhrase spa962.txt spa962.cfg
The resulting encrypted spa962.cfg is accepted as valid by any IP Telephony
Device that resyncs to it.
The
--target
option also encrypts the CFG file without the need to explicitly
transmit a key, but does so in such a way that only the target IP Telephony Device
can decode it. Targeted CFG files provide a basic level of security. This command
uses the MAC address of the target device as an argument. Refer to the following
example:
spc --target 000e08aabbcc spa962.txt spa962.cfg
This command uses the MAC address 000e08aabbcc, and only the IP Telephony
Device with that MAC address is able to decrypt and process the generated
spa962.cfg profile. If any other IP Telephony Device attempts to resync to this file,
the device will reject the file as unreadable.
The third option performs an explicit key-based encryption of the CFG file. This
option requires that the key used to encrypt the file be preprovisioned in the target
device, so that it can be decoded.