Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

scrypt on 3750x

So I see now that the options for hashing passwords now has the scrypt (9) option.  So how do we create a hashed password that the switch will accept?

I found a perl module that can create hashes, but the ones I've created are not acceptable.

#!/usr/bin/perl -w

use Crypt::ScryptKDF qw(scrypt_raw scrypt_hex scrypt_b64);

use strict;

my $password = "cisco";

my $N;                                                                      # CPU/memory cost (has to be power of 2 and >1); DEFAULT: 2^14

my $r;                                                                      # block size parameter; DEFAULT: 8

my $p;                                                                      # parallelization parameter; DEFAULT: 1

my $len;                                                                      # length of derived key (in bytes); DEFAULT: 32

#my $key_base64 = scrypt_b64($password, $N, $r, $p, $len)

my $key_base64 = scrypt_b64($password);

print "$key_base64\n";

exit;

Sample output:

$ ./scrypt_gen.pl

GJMxtei3rED6da5JiQEeNDGsq3EOwqebRpXzRszaM6w=

Thanks,

John

Everyone's tags (2)
1 REPLY

scrypt on 3750x

John,

You may be better moving this to the EEM scripting forum. Those guys over there are very versed in scripting. Just to take note though, Base64 encoded strings will not be supported.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_55_se/configuration/guide/swauthen.html#wp1020685

Actually, it looks like the 3750X only supports type 5 cisco proprietary encryption:

(Optional) For

encryption-type

,  only type 5, a Cisco proprietary encryption algorithm, is available. If  you specify an encryption type, you must provide an encrypted  password—an encrypted password that you copy from another switch  configuration.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
148
Views
0
Helpful
1
Replies