Info about setting enable and username secret lev.5 passwords
it's the first time I write on this forum, so I hope it's the right section for my question... I need to replace the enable and username XXX level 7 passwords (defined with enable password PPP and username xxx password PPP commands) on a lot of devices and I'll do it through an automated script that will send commands to these devices.. Since I would avoid to send the password in cleartext with enable secret PPP or username xxx secret PPP, I'd like to execute the commands on a test router and then directly send the level 5 encrypted password to the other routers (i.e. enable secret 5 hash-of-PPP and username xxx secret 5 hash-of-PPP). Since I know that the hashed value contains a salt that is used in some way to compute the hash value of a password, I wonder if a given level 5 enable or username password can work on all the IOS versions and router models that we have.. have you ever experienced some problems regarding the copy-and-paste of already-encrypted passwords?
I know that this could lead to problems with level 7 passwords used for radius authentications (one of my colleagues experienced problems after a copy-and-paste of a password that did not work until he re-wrote the authentication command with the clear-text password, forcing the router to compute the level 7 password by itself), but I don't know if it was a bug of IOS and maybe only related to level 7 passwords..
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...