Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3777
Views
10
Helpful
6
Replies

VCS-Expressway Alarm about Root password being hashed using MD5

Go to solution
mhaymore
Level 1
Level 1

‎08-10-2012 08:50 AM - edited ‎03-17-2019 11:35 PM

I logged into my VCS-Expressway after performing the x7.2 update, and have come across a new warning I had not seen before. It states:

1 alarm: * warning   Insecure password in use - The root user's password is hashed using MD5, which is not secure enough

I've looked around in the documentation, and have not found anything that mentioned this. Is it a matter of just resetting the password, which is already very strong, or is there something else I need to do to remove this alarm? Any ideas?

Thanks

Michael

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Alok Jaiswal
Cisco Employee
Cisco Employee

‎08-10-2012 09:26 AM

Hi Michael,

Thats a wraning generated as you are still using the default root password on expressway!!

a snippet from the document!!

An “Insecure password in use” alarm will be raised against the root account. This is because the VCS now uses SHA512 to hash passwords. Passwords were previously hashed using MD5. The root account will still be accessible but you are recommended to use the root passwd command to reset the root account password. Administrator account passwords are rehashed automatically on upgrade.

check below document for more details

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/release_note/Cisco_VCS_Release_Note_X7-2.pdf

page 7 has after upgrade information.

change the password for root!!

I hope it clarifies your doubt

Thanks

Alok

View solution in original post

6 Replies 6

Go to solution
Alok Jaiswal
Cisco Employee
Cisco Employee

‎08-10-2012 09:26 AM

Hi Michael,

Thats a wraning generated as you are still using the default root password on expressway!!

a snippet from the document!!

An “Insecure password in use” alarm will be raised against the root account. This is because the VCS now uses SHA512 to hash passwords. Passwords were previously hashed using MD5. The root account will still be accessible but you are recommended to use the root passwd command to reset the root account password. Administrator account passwords are rehashed automatically on upgrade.

check below document for more details

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/release_note/Cisco_VCS_Release_Note_X7-2.pdf

page 7 has after upgrade information.

change the password for root!!

I hope it clarifies your doubt

Thanks

Alok

Go to solution
mhaymore
Level 1
Level 1
In response to Alok Jaiswal

‎08-10-2012 09:31 AM

I just confirmed that I am not using the default password for my Expressway. Your message did help though, I needed to re-run the passwd command on the VCS to re-hash the password in SHA512. Thanks.

Go to solution
Andrew Vasel
Level 1
Level 1
In response to mhaymore

‎08-10-2012 12:49 PM

Michael

Thanks for posting that. That clarified why I too was seeing the same alarm on my development VCS where I also am not using the default pw.

0 Helpful

Go to solution
shweta_33
Level 1
Level 1
In response to Alok Jaiswal

‎03-17-2018 06:52 PM

Insecure password in use The admin user has the default password set Raised Warning This system Change the admin password

 

When i click on change the admin password link:

Administrator accounts

Prohibited access: Page not accessible to 'Read-only' users

 

How can i change "Read-only" users to "Read-write".

 

 

Regards,

Shweta

 

 

0 Helpful

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni
In response to shweta_33

‎03-19-2018 02:31 PM

Login to the VCS with the default admin account, which has read-write access:

  • Username: admin
  • Password: TANDBERG

You can then change the password under Users > Administrator Accounts.

0 Helpful

Go to solution
Tomonori Taniguchi
Cisco Employee
Cisco Employee

‎08-12-2012 05:02 PM

You can find same information at page 66 of TelePresence VCS X7.2 Introduction presentation, https://supportforums.cisco.com/docs/DOC-26316 as well.

0 Helpful
Customers Also Viewed These Support Documents