The integrity of the software used on Aruba devices is important to device security hence network administrators has to perform AOS Image File Verification to reduce the risk of malicious code being installed on Aruba AOS devices. SHA-256 hashes used properly can confirm both file integrity and authenticity. SHA-256 serves a similar purpose to a prior algorithm recommended by Aruba, MD5, but is less vulnerable to attack.
Comparing hashes makes it possible to detect changes in files that would cause errors. The possibility of changes (errors) is proportional to the size of the file; the possibility of errors increase as the file becomes larger. It is a very good practice to run an SHA-256 hash comparison check when you have a file like an AOS image file that has to be 100% correct.
In terms of security, cryptographic hashes such as SHA-256 allow for authentication of data obtained from insecure sources. The SHA-256 hash must be obtained from a secure source such as a Aruba HTTPS Webpage.
Network administrators need to know and trust the tools that can be used to verify the authenticity of a Aruba AOS software image.
When downloading an AOS software image from http://support.arubanetworks.com/, Also download the Aruba.sha256 file.
- Once the image has been downloaded to an administrative workstation, the SHA256 hash of the local file should be verified against the hash presented by the AOS Software image , There are several Third party free software likeHashVerifier ( Windows ) and sha256sum ( Linux ) available which can be perform AOS Image File Verification