BIOS hardening for RSA Authentication Manager 8.x
Originally Published: 2015-07-07
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
Resolution
Changing the BIOS password requires a reboot of the RSA SecurID Appliance so plan accordingly for an outage.
Steps
- Log in to the RSA SecurID Appliance with the rsaadmin account at the local console and enter the password for rsaadmin when prompted. The password for this account was set up during the deployment of the SecurID Appliance and is unknown to RSA.
- To reboot the RSA SecurID Appliance at the command line, use the command sudo reboot.
- On startup, the SecurID Appliance local console initially shows the RAID Controller BIOS version and RAID configuration information, as shown here:
- On the next screen, the administrator is given the option to press F2 to enter the setup.
- Press F2 to enter the setup.
- You are prompted to enter a password. For example:
- After the BIOS password is entered, the BIOS menu is shown:
- Use the arrow keys on the keyboard to navigate the BIOS menu and select Security. For example:
- Select Set Administrator Password.
- Enter the current password for the BIOS.
- Create a new BIOS password:
- Confirm the new BIOS password:
You may get the following warning if the password is not considered to be strong enough; however, the weak password is still accepted.
Use a strong password to ensure security. Store the new BIOS password in a secure place.
- After the BIOS password change, navigate the BIOS menu and select Exit. For example:
- Select Save Changes and Exit.
- When prompted select Yes to save the configuration and exit.
- The SecurID Appliance will then go through a reboot sequence.
Notes
- Article 000030712 - RSA Authentication Manager 8.1 BIOS hardening provides information that is related to the hardware RSA SecurID Appliance.
