Home > Production Story > USB eToken

USB eToken

As I mentioned, I was checking for USB eToken implementation details as I was helping a friend to think through his token testing process. My friend was looking to utilize his existing eTokens and I was happy to play with this cool technology with him.

So what is it?
USB eToken is a feature that supports the eToken Pro key by SafeNet Inc. (previously owned by Aladdin Knowledge Systems).

This feature provides primary secure means to store and deploy information separate from the router chassis, usually a bootstrap configuration or VPN credentials. This feature enables secure and portable loading of router credentials and configuration data supported by low-touch and enterprise level provisioning systems.

Using USB eToken you can also store passwords, IOS images and IPSec VPN credentials. This is called ‘Removable Credentials’ in the Cisco language.

Starting IOS 12.3(14)T Cisco support a USB Flash Module,  hardware device sold by Cisco that expand the router capabilities on the 2800 series that I was looking at. The USB module come in 64, 128 or 256MB USB 2.0 versions, the eToken is also USB 2.0 device. USB Flash module can be used with any Cisco IOS feature set, IP Base and above.

I’ll show some basic commands, use this white paper for more details:

router(config)#crypto pki token default user-pin 0 1234567890

That would be an auto login command using the default PIN.
Another command change the user PIN from 1234 to 9753:

crypto pki token usbtoken0 admin login 1234
crypto pki token usbtoken0 change-pin 9753

Check this crypto pki command reference for much more.
The following is an output after the router recognize the eToken:

*Aug 22 10:34:44.060: %CRYPTO-6-TOKENLOGIN: Cryptographic Token eToken Login Successful
*Aug 22 10:34:47.711: %USB_TOKEN_FILESYS-6-REGISTERED_WITH_IFS: USB Token File System usbtoken0 is registered…
This post is just a glimpse to the world of Cisco USB and eTokens, if you’re interested in this world you might find this page a good start.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: