Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

standby 1 autthentication md5 key-string 7 example

Hi every body!

Could any body please give an example of standby 1 authentication md5 key-string 7?

Thanks a lot!

3 ACCEPTED SOLUTIONS

Accepted Solutions

Re: standby 1 autthentication md5 key-string 7 example

You would not include the "7" if the string is not already encrypted. You would just type:

standby 1 authentication md5 key-string test

If you have service password-encryption enabled then it would automatically encrypt the string.

Then you would look at the config and it would like this:

standby 1 authentication md5 key-string 7 071B245F5A

Since I already have the string (example above) previously encrypted I can copy and paste the line in and you would need to include the "7".

Note: This is also the same with passwords too.

HTH,

Mark

Re: standby 1 autthentication md5 key-string 7 example

Hi Sarah,

As you correctly pointed we append do show when in interface or global config mode to view show commands.

The include or (i) command includes only those lines in the configuration containing the regular expression specified.

eg: show run | i standby

shows only lines including "standby". Note that the text specified (standby) is case-sensitive. It provides the necessary filter to your output. In the above case, standby pertains to HSRP, so it shows configuration specific to HSRP.

The documentation below might help

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtshfltr.html

Lejoe

Re: standby 1 autthentication md5 key-string 7 example

I may have unnecessarily confused you earlier. The service password encryption will encrypt passwords and encryption strings so that they are not clear text in the configuration. Service password-encryption will take "test" and encrypt it to "071B245F5A". The "071B245F5A" is the encrypted sting of "text". In order to have an encrypted password it must be followed by "7" so the router will know that it is encrypted otherwise "071B245F5A" would be your authentication key, and not test. Service password-encryption does not have to be enabled.

I hope this may have cleared up any confusion,

Mark

11 REPLIES
Hall of Fame Super Silver

Re: standby 1 autthentication md5 key-string 7 example

Hello Sarah,

you can see the difference on using the 7 option:

even if your router is not configured for password encryption (service password encrpytion global command) the password will be coded and when you do sh run you will see an hash instead of the password you entered.

This is seen as a security measure so that someone looking at your screen cannot read the password on the fly or at the printer when you print the config file.

Hope to help

Giuseppe

Bronze

Re: standby 1 autthentication md5 key-string 7 example

Thanks a lot Giuseppe!

Mark says we wont enter the"7" in following command:

standby 1 authentication md5 key-string 7 test.

If "7" means that encrypted value of"test" be used, then question is how we find that encrpted value of"test" if service password-encrption is not configured.

If the whole point of using "7" is to encrpt the "test", then one can use only service password-encryption.

I aplogise for repeating the same problem becuase i still did not get it.

thanks a lot!

Re: standby 1 autthentication md5 key-string 7 example

An example of a key string would be:

standby 1 authentication md5 key-string 7 071B245F5A

If you decrypted the string it would read test.

HTH,

Mark

Bronze

Re: standby 1 autthentication md5 key-string 7 example

Thanks a lot Mark

Is following the correct:

we configure the command "standby 1 authentication md5 key-string 7 test"

The "7" causes the string"test" to encrypted which would appear as 071B245F5A in configuration.

Am i correct?

thanks a lot!

Re: standby 1 autthentication md5 key-string 7 example

You would not include the "7" if the string is not already encrypted. You would just type:

standby 1 authentication md5 key-string test

If you have service password-encryption enabled then it would automatically encrypt the string.

Then you would look at the config and it would like this:

standby 1 authentication md5 key-string 7 071B245F5A

Since I already have the string (example above) previously encrypted I can copy and paste the line in and you would need to include the "7".

Note: This is also the same with passwords too.

HTH,

Mark

Bronze

Re: standby 1 autthentication md5 key-string 7 example

thanks Mark!

That means "service password-encrption" must be configured to get the word "test" encrpted in the the command" standy 1 authentication md5 key-string test". Then we copy and paste the encrpted word in the command" standby 1 authentication 7xxxxxxxxxx".

Is it correct concept?

thanks alot!

Hall of Fame Super Bronze

Re: standby 1 autthentication md5 key-string 7 example

RSRack1R2#sh run | i no service

no service password-encryption

!

!

RSRack1R2#conf t

Enter configuration commands, one per line. End with CNTL/Z.

RSRack1R2(config)#int f0/0

RSRack1R2(config-if)#standby 1 authentication md5 key-string test

!

!

!

RSRack1R2(config-if)#do show run | i standby

standby 1 authentication md5 key-string test

!

!

RSRack1R2(config-if)#service password

RSRack1R2(config)#do show run | i standby

standby 1 authentication md5 key-string 7 03105E1812

Bronze

Re: standby 1 autthentication md5 key-string 7 example

Thanks a lot Edison!

Excuse me for being dumb.

RSRack1R2(config)#do show run | i standby

what does above command? I googled it but only found out how we can use "do show" in interface mode to avoid going back and forth in enabled mode just to view the configuration.

But you used" / i standby" with" do show" command,Could you please explain to me what does this command do?

Just hunch, does it show the configuration pertaining to hrsp?

Re: standby 1 autthentication md5 key-string 7 example

Hi Sarah,

As you correctly pointed we append do show when in interface or global config mode to view show commands.

The include or (i) command includes only those lines in the configuration containing the regular expression specified.

eg: show run | i standby

shows only lines including "standby". Note that the text specified (standby) is case-sensitive. It provides the necessary filter to your output. In the above case, standby pertains to HSRP, so it shows configuration specific to HSRP.

The documentation below might help

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtshfltr.html

Lejoe

Bronze

Re: standby 1 autthentication md5 key-string 7 example

Thanks a lot Lejoe!

Re: standby 1 autthentication md5 key-string 7 example

I may have unnecessarily confused you earlier. The service password encryption will encrypt passwords and encryption strings so that they are not clear text in the configuration. Service password-encryption will take "test" and encrypt it to "071B245F5A". The "071B245F5A" is the encrypted sting of "text". In order to have an encrypted password it must be followed by "7" so the router will know that it is encrypted otherwise "071B245F5A" would be your authentication key, and not test. Service password-encryption does not have to be enabled.

I hope this may have cleared up any confusion,

Mark

2207
Views
5
Helpful
11
Replies
CreatePlease login to create content