06-24-2009 05:51 AM - edited 03-06-2019 06:25 AM
I added this command "enable secret 5 testing" in the cisco switch.I save it (write mem) and restart the switch,the switch prompt me the password when i want to go in to the enable mode. I tried "testing" as the password, but switch reply wrong password. SO, my question here is what password should i use to get into the switch enable mode ?
06-24-2009 07:02 AM
try "5 testing" - actually I don't think you could actually enter a secret using 5 secret - would likely give an error!
06-24-2009 09:09 AM
Hi,
Thanks for your reply! I tried "5 testing" but still failed. FYI, I am able to enter this command "enable secret 5 testing" without any error.
06-24-2009 09:25 AM
deleted.
06-24-2009 09:33 AM
what you meant by deleted ?
06-24-2009 10:40 AM
What platform/IOS version are you using? when you enter the command enable secret 5 - this normally means that the next string will be the password but in encrypted format.
You must be running an old version of IOS
06-24-2009 11:56 AM
enable secret 5 testing
> means that an enable password has been configured. The hashed form of the password is testing.
it should work if you do enable secret testing.
the result in show run will be
enable secret 5 dsfdsfxcxwdsf
update:
as Andrew confirmed before
06-24-2009 03:51 PM
Hi Davy,
Understood.
So what is the password in clear text for the hashed form password of "testing"?
Thanks
06-24-2009 03:47 PM
Hi Andrew,
My IOS version is "c3560-ipbase-mz.122-35.SE5".
I understood that the next string after the 5 is password but in encrypted format.
So, what is the password in clear text that i can use for my switch now ?
Thanks
06-24-2009 01:39 PM
Sam,
You've configured a secret key for level 5.
If you want to access the device with the password 'testing', you must type enable 5 and the CLI and when prompted for password, enter testing
HTH,
__
Edison.
06-24-2009 03:54 PM
Hi ediortiz,
How to type the enable 5 in the switch?
I tried to type enable 5 but it prompt me this "% Invalid input detected at '^' marker."
Thanks
06-24-2009 04:06 PM
When you entered the command "enable secret 5 testing", you set the password to whatever the cleartext is that hashes to "testing".
You will not be able to reverse engineer what the cleartext password will be, so your only option is to set a new enable secret, such as "enable secret testing".
06-24-2009 07:34 PM
Hi Jason,
It is hashed to testing.
The problem now is i not able to go in the switch to set a new enable secret, so the only way for it is to perform the password recovery for the switch.
Is there any possibility to go in the switch without perform the password recovery?
Thanks
06-24-2009 10:47 PM
I'm affraid you've to do password recovery.
2 possibilities:
when booted:
press on mode button for 10seconds
>device will reboot
>config.text will be renamed to config.text.renamed
once booted up
Switch>enable
Switch#copy config.text.renamed run
Original#conf t
Original(conf)#enable secret testing
Original(conf)#end
Original#sh run | i enable
enable secret 5 sfsdgergett
Original#wr
or
reboot, and during booting press on the mode button.
you'll come into rommon mode
rommon>flash_init
rommon>rename flash:config.text flash:config.old
rommon>reset
when booted up you do the same as above
copy config.old run
....
reverse engineering of a hashed password is as far I know not possible.
It's possible for a level 7 password but not for a level 5
you have a level 7 if you do
enable password testing
service password-encryption
level 7 is a weak algorithm and is only used for masking a password so that others won't see the password
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: