Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Info about setting enable and username secret lev.5 passwords

Hi,

it's the first time I write on this forum, so I hope it's the right section for my question... I need to replace the enable and username XXX level 7 passwords (defined with enable password PPP and username xxx password PPP commands) on a lot of devices and I'll do it through an automated script that will send commands to these devices.. Since I would avoid to send the password in cleartext with enable secret PPP or username xxx secret PPP, I'd like to execute the commands on a test router and then directly send the level 5 encrypted password to the other routers (i.e. enable secret 5 hash-of-PPP and username xxx secret 5 hash-of-PPP). Since I know that the hashed value contains a salt that is used in some way to compute the hash value of a password, I wonder if a given level 5 enable or username password can work on all the IOS versions and router models that we have.. have you ever experienced some problems regarding the copy-and-paste of already-encrypted passwords?

I know that this could lead to problems with level 7 passwords used for radius authentications (one of my colleagues experienced problems after a copy-and-paste of a password that did not work until he re-wrote the authentication command with the clear-text password, forcing the router to compute the level 7 password by itself), but I don't know if it was a bug of IOS and maybe only related to level 7 passwords..

Thank you in advance for any help.

    Gianni

Everyone's tags (4)
992
Views
0
Helpful
0
Replies