Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

"password" or "secret" across platforms?

I wonder if anybody knows the reason why some IOS router/switch platforms will accept either "password" or "secret" when adding a user, and why some only accept "password". I've found that the following platforms seem to only accept "password" for users:

3600, 2600, 3500, 7200, 7500

While these platforms happily accept both:

4000, 4500, 6000, 6500, 1700, 2800, 2900

Is this a platform-specific command or an IOS-specific? Or is it maybe a configuration parameter?

The command is as follows:

conf t

username blah privilege 15 [secret | password ] <clear-text-password>

3 REPLIES

Re: "password" or "secret" across platforms?

Hi,

It's an IOS specific function. MD5 encryption of password (secret pw) was introduced to prevent retrieval of password virtually impossible.

Check the following link to see if your routers are running the correct IOS or later version to support this functionality.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1833/products_feature_guide09186a008008124c.html#1017378

Hope that helps!

Regards,

Sundar

New Member

Re: "password" or "secret" across platforms?

Thanks Sundar, however I have checked several devices with IOS versions later than the one specified in that document you linked where the "secret" command is not available. However in another device, same platform but slightly new IOS, the command is available. Perhaps it's a specific feature set which enables it?

Doesn't work in: c2600-i-mz.122-24a.bin

Works in: c2600-is-mz.123-5.bin

IP-Plus vs. IP maybe?

Re: "password" or "secret" across platforms?

Matthew,

I was just doing some research. It appears this feature was available only in Early Deployment (ED) releases in 12.2 mainline code. However, the feature was integrated into General Deployment (GD) code in the 12.3 mainline images. With regard to your other query about the feature set this feature is suppported with 'ip-only' feature set as well.

You can verify this by going to www.cisco.com/go/fn and search the image by feature 'enhanced password security'.

12.2(24a) is Deferred release and 12.3(5) image you have noted in previous posting is a GD image.

Hope that helps!

Regards,

Sundar

122
Views
3
Helpful
3
Replies
CreatePlease to create content