I added this command "enable secret 5 testing" in the cisco switch.I save it (write mem) and restart the switch,the switch prompt me the password when i want to go in to the enable mode. I tried "testing" as the password, but switch reply wrong password. SO, my question here is what password should i use to get into the switch enable mode ?
Thanks for your reply! I tried "5 testing" but still failed. FYI, I am able to enter this command "enable secret 5 testing" without any error.
What platform/IOS version are you using? when you enter the command enable secret 5 - this normally means that the next string will be the password but in encrypted format.
You must be running an old version of IOS
enable secret 5 testing
> means that an enable password has been configured. The hashed form of the password is testing.
it should work if you do enable secret testing.
the result in show run will be
enable secret 5 dsfdsfxcxwdsf
as Andrew confirmed before
My IOS version is "c3560-ipbase-mz.122-35.SE5".
I understood that the next string after the 5 is password but in encrypted format.
So, what is the password in clear text that i can use for my switch now ?
You've configured a secret key for level 5.
If you want to access the device with the password 'testing', you must type enable 5 and the CLI and when prompted for password, enter testing
How to type the enable 5 in the switch?
I tried to type enable 5 but it prompt me this "% Invalid input detected at '^' marker."
When you entered the command "enable secret 5 testing", you set the password to whatever the cleartext is that hashes to "testing".
You will not be able to reverse engineer what the cleartext password will be, so your only option is to set a new enable secret, such as "enable secret testing".
It is hashed to testing.
The problem now is i not able to go in the switch to set a new enable secret, so the only way for it is to perform the password recovery for the switch.
Is there any possibility to go in the switch without perform the password recovery?
I'm affraid you've to do password recovery.
press on mode button for 10seconds
>device will reboot
>config.text will be renamed to config.text.renamed
once booted up
Switch#copy config.text.renamed run
Original(conf)#enable secret testing
Original#sh run | i enable
enable secret 5 sfsdgergett
reboot, and during booting press on the mode button.
you'll come into rommon mode
rommon>rename flash:config.text flash:config.old
when booted up you do the same as above
copy config.old run
reverse engineering of a hashed password is as far I know not possible.
It's possible for a level 7 password but not for a level 5
you have a level 7 if you do
enable password testing
level 7 is a weak algorithm and is only used for masking a password so that others won't see the password