12.2(50)SE Bug ? - Cisco Community

1077

Views

5

Helpful

9

Replies

Not sure if this is a bug or a new feature ?

switchname(config)#enable secret 5 XXXXXXXXXXXXXX (encrypted password)

ERROR: The secret you entered is not a valid encrypted secret.

To enter an UNENCRYPTED secret, do not specify type 5 encryption.

When you properly enter an UNENCRYPTED secret, it will be encrypted.

Hope that this is a bug, but have anybody else a fix for this problem ?

cut & paste of old config doen't work any longer. :-(

9 Replies 9

Hello Roar,

the message says to use

enable secret

I would so and I would leave to the device to create the encrypted version of the secret

these are the options

enable secret ?

0 Specifies an UNENCRYPTED password will follow

5 Specifies an ENCRYPTED secret will follow

LINE The UNENCRYPTED (cleartext) 'enable' secret

Hope to help

Giuseppe

This is probably an "undocumented feature". I can't even see this command anymore in the 12.2(50)SE Switch Command Reference.

Typing the enable secret and the appliance will automatically encrypt it event though the "no service password-encrypt" is available. See below:

no service password-encryption

!

enable secret 5 $1$TZVm$SSMOghMN0RymiQKxNfmUC.

enable password juniper

Not good.

Service password-encryption has nothing to do with any "secret" passwords. They are automatically shown hashed MD5 output.

Service password-encryption only encrypts clear text passwords utilizing the "password 7" cipher (Vigenere). The passwords are not "encrypted". They are obfuscated to keep people from shoulder surfing.

You can get the crypts in by partial config file transfer via tftp/scp, and they still work from flash. It's just from the commandline that this is borked.

Hi,

This appears to be a new bug that has not been fixed yet.

The bug is CSCsy24510: IOS no longer accepts encrypted password / secret

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy24510

Hi Erich,

Thanks for point us to the right direction. +5

I've just confirmed that 12.2(50)SE1 has fixed this bug. I was finally able to paste in my encrypted secret passwords from the command-line. I'm glad I found this thread, because I was banging my head against the wall.

Hello there,

I am not sure which version of IOS you're running but, this indeed looks like the bug I pointed out.

CSCsy24510 IOS no longer accepts encrypted password / secret

It is fixed in 12.2(50)SE1.

Oops,

Still learning the NetPro tool. Glad to know that your problem is fixed.

Just to summarize, this bug is fixed in 12.2(50)SE1.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking products for a $25 gift card