enable secret & service password encryption on ASA?

Unanswered Question
Feb 24th, 2008

Hi, I've noticed on our Cisco ASA 5520 that it's only using "enable password". All I have to do (via telnet) is put in the password of cisco, and then if I type "enable" and the password of cisco, then I'm on!

Should I be prompted with a username and password?

I've looked in the CLI config and I can't see the username cisco or password cisco anywhere! I have found the "enable password", which is encrypted. What should I do, as I don't want to lose access? Should I use "enable secret" instead? And "service password encryption"?

I've noticed SSH2 is enabled, but what username/password would this be, level 15?

Harald-Norvik Sun, 02/24/2008 - 17:17

Change the following in your config:

passwd

enable password

These are in effect as long as you are not running aaa. The default username on telnet/ssh access is pix. For the level 15 access using the http interface, use enable_15.

... and by the way, the PIX/ASA encryption of the passwords is a one way hash - it cannot be decrypted. Not like the level 7 encryption on the IOS routers.

Harald
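An added example, not part of the thread and not Cisco tooling: a small Python check that reads a saved ASA running-config and reports where the shared `passwd` and `enable password` are still what gates access, following the rule in the answer above that they apply only while AAA is not in use. The function name `audit_asa_mgmt`, the sample config and its placeholder hashes are constructed for illustration.

```python
import re

# Constructed sample running-config; the hash fields are placeholders.
SAMPLE_CONFIG = """\
enable password HASH_PLACEHOLDER encrypted
passwd HASH_PLACEHOLDER encrypted
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 10.0.0.0 255.255.255.0 inside
ssh version 2
"""

AAA_RE = re.compile(r"aaa authentication (ssh|telnet|enable) console \S+")

def audit_asa_mgmt(config: str) -> dict:
    """Report which credentials gate CLI access. Per the answer above, the
    shared passwd / enable password apply only where AAA is not configured."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    aaa = {m.group(1) for ln in lines if (m := AAA_RE.match(ln))}
    # "telnet <addr> <mask> <if>" / "ssh <addr> <mask> <if>" permit a source;
    # "telnet timeout 5" or "ssh version 2" do not, so require a leading digit.
    allowed = {p: [ln for ln in lines if re.match(p + r" \d", ln)]
               for p in ("telnet", "ssh")}
    findings = []
    if allowed["telnet"]:
        findings.append("telnet management permitted (cleartext login)")
    for proto, acl in allowed.items():
        if acl and proto not in aaa:
            findings.append(f"{proto} login relies on shared 'passwd'")
    if "enable" not in aaa:
        findings.append("privileged mode relies on shared 'enable password'")
    return {"aaa_console": sorted(aaa), "findings": findings}

if __name__ == "__main__":
    for finding in audit_asa_mgmt(SAMPLE_CONFIG)["findings"]:
        print("-", finding)
```

An empty findings list means every permitted CLI path and the enable prompt are covered by an `aaa authentication ... console` line rather than the shared passwords.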

whiteford Mon, 02/25/2008 - 01:26

Great, I will do:

passwd

enable password

You are right, I only use the router IOS and assumed I'd have to use enable secret, service password encryption etc...
