03-13-2009 01:38 AM - edited 03-06-2019 04:34 AM
Not sure if this is a bug or a new feature ?
switchname(config)#enable secret 5 XXXXXXXXXXXXXX (encrypted password)
ERROR: The secret you entered is not a valid encrypted secret.
To enter an UNENCRYPTED secret, do not specify type 5 encryption.
When you properly enter an UNENCRYPTED secret, it will be encrypted.
Hope that this is a bug, but have anybody else a fix for this problem ?
cut & paste of old config doen't work any longer. :-(
03-13-2009 03:22 AM
Hello Roar,
the message says to use
enable secret
I would so and I would leave to the device to create the encrypted version of the secret
these are the options
enable secret ?
0 Specifies an UNENCRYPTED password will follow
5 Specifies an ENCRYPTED secret will follow
LINE The UNENCRYPTED (cleartext) 'enable' secret
Hope to help
Giuseppe
03-15-2009 06:00 PM
This is probably an "undocumented feature". I can't even see this command anymore in the 12.2(50)SE Switch Command Reference.
Typing the enable secret
no service password-encryption
!
enable secret 5 $1$TZVm$SSMOghMN0RymiQKxNfmUC.
enable password juniper
Not good.
05-01-2009 09:34 AM
Service password-encryption has nothing to do with any "secret" passwords. They are automatically shown hashed MD5 output.
Service password-encryption only encrypts clear text passwords utilizing the "password 7" cipher (Vigenere). The passwords are not "encrypted". They are obfuscated to keep people from shoulder surfing.
03-17-2009 07:11 AM
You can get the crypts in by partial config file transfer via tftp/scp, and they still work from flash. It's just from the commandline that this is borked.
03-17-2009 10:38 AM
Hi,
This appears to be a new bug that has not been fixed yet.
The bug is CSCsy24510: IOS no longer accepts encrypted password / secret
03-17-2009 03:54 PM
Hi Erich,
Thanks for point us to the right direction. +5
05-01-2009 08:22 AM
I've just confirmed that 12.2(50)SE1 has fixed this bug. I was finally able to paste in my encrypted secret passwords from the command-line. I'm glad I found this thread, because I was banging my head against the wall.
05-01-2009 08:48 AM
Hello there,
I am not sure which version of IOS you're running but, this indeed looks like the bug I pointed out.
CSCsy24510 IOS no longer accepts encrypted password / secret
It is fixed in 12.2(50)SE1.
05-01-2009 08:51 AM
Oops,
Still learning the NetPro tool. Glad to know that your problem is fixed.
Just to summarize, this bug is fixed in 12.2(50)SE1.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide