cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
669
Views
10
Helpful
9
Replies

Login into switch

Sundayfat
Level 1
Level 1

Pls, help asap. I have got problems with login into a switch. I have just copied and pasted the Telnet pw as given. It reported "bad password" each time. I don't know what that "7" here means. I want to believe is the user number.

hostname CSIGBN08

enable password 7 12CV52566SA5844WDD

line con 0

line vty 0 4

password 7 556A66ADA46SAS46ASS6646646

login

line vty 5 15

password 7 12AS5455S5656ADAS466A4F56G

login

9 Replies 9

n.nandrekar
Level 4
Level 4

The number "7" there is the access privilage there. I hope that you are not copying it along with "7".

Second thing is that, have you given that string as password? I think that there was some other password and "service password-encryption" was enabled. What you are seeing there is not the actual password but a hash value (encrypted password).

You cant copy paste that for the password.

Regards,

Niranjan

( Please rate the post if it solves your issue.)

Thanks for your reaction. I received "Bad password". I had copied and pasted the password without the 7, when it failed. I tried again with the 7. I realised the pw- is hashed / encrypted. But, the "sh run" output is what the former administrator sent to, as the pw. What do your suggest ?

Just a small correction to Niranjan's post

The number 7 actually means that the password has been encrypted with the weak algorithm and can be reversed using online password breaking tools

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00801d7efa.shtml

you can use some online passowrd breaking tools to get the passowrd eg.

http://www.ifm.net.nz/cookbooks/passwordcracker.html

Narayan

Hi!

Thanks for pointing out the mistake! :)

Hi,

Niranjan is not right with the number 7.

Its not the privilage.

all passwords and other authentication strings in Cisco IOS configuration files are encrypted using the weak, reversible scheme used for user passwords.

To determine which scheme has been used to encrypt a specific password, check the digit preceding the encrypted string in the configuration file. If that digit is a 7, the password has been encrypted using the weak algorithm. If the digit is a 5, the password has been hashed using the stronger MD5 algorithm.

For example, in the configuration command:

enable secret 5 $1$iUjJ$cDZ03KKGh7mHfX2RSbDqP.

The enable secret has been hashed with MD5, whereas in the command:

username jdoe password 7 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D

The password has been encrypted using the weak reversible algorithm.

Below is the link which can provide you with more information.

http://www.cisco.com/warp/public/701/64.html

When you provie with the command "service password-encription" you will see the output as you have pasted above.

The password followed with 5 cannat be decripted since its MD5 algorith. 7 can be.

Privilage config would be seen like below in running config.

username cisco privilege 7 password 0 cisco

And yes the pasword with 7 can be broken using tool. Boson has one.

Hope this helps.

Hi, Niranjan. I very much appreciate your assistance here. Just to bother further, do you think when I send syntax "sh tech-support" in EXEC user mode of that Switch,I shall get the output to have the password so needed. I have only access to the user mode, for now- thru console connection. Just send me what syntax I need send pls. Thanks once more

1st the show tech-support would not work in EXEC user mode.

In fact if you give show tech-support you will not get the password.

Below is how the output would look for show running config in tech-support.

enable secret 5

!

username cisco password 7

line con 0

exec-timeout 0 0

line vty 0 4

password 7

length 0

line vty 5 15

password 7

Hope this helps.

Regards,

Pravin

Tim Smith
Level 4
Level 4

Hi,

Have you unencrypted the password and tried it as the other guys suggested?

Do you have physical access to the switch?

If so, you could do a password recovery.

All the procedures are listed on the Cisco site.

Just to note - it will be service impacting however.

Cheers,

Tim

Yes as Tim said thats the only one way you can retrive the password which i can see now.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00801746e6.shtml

Regards,

Pravin..

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: