×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

enable secret & service password encryption on ASA?

Unanswered Question
Feb 24th, 2008
User Badges:

Hi, I've noticed on our Cisco ASA 5520 that it's only using "enable password" all I have to do (via telnet) is put in the password of cisco and then if I type "enable" and password of cisco then I'm on!


Should I be prompted with a username and password?


I've look on the CLI config and I can't see the username cisco or passord cisco anywhere! I have found the "enable password" which is encrypted. What should I do as I don't want to lose access. Should I use "enable secret" instead? and "service password encryption"?


I've noticed SSH2 is enabled, but what username/password woudl this be, level 15?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Harald-Norvik Sun, 02/24/2008 - 17:17
User Badges:

Change the following in your config:

passwd


enable password


These are in effect as long as you are not running aaa. The default username on telnet/ssh access is pix for the level 15 access using the http interface use enable_15


... and by the way, the PIX/ASA encryption of the passwords is a one way hash - it cannot be decrypted. Not like the level 7 encryption on the IOS routers.


Harald

whiteford Mon, 02/25/2008 - 01:26
User Badges:

Great, I will do:


passwd


enable password


You are right I only use the router IOS and assumed I'd have to use eanble seret, service password encryption etc...

amolhempour Tue, 07/15/2008 - 12:16
User Badges:

How can you change the default username for SSH on a pix ?

Actions

This Discussion