Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Enable Secret 4

Hi there,

This has been bugging me for a while and I cannot find much if any documentation about it. But how do you go about using enable secret 4 (sha256) instead of enable secret 5. Is this feature only available in a particular IOS train or is it a feature you have to activate?

Rob

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Enable Secret 4

Hi Rob,

It seems you need 15.2(03)T1, version 15.2(03)T does not have this supported. T1 will be released at 06/29.

Kind Regards,
Ivan

**Please grade this post if you find it useful.

Kind Regards, Ivan Shirshin **Please grade this post if you find it useful.
7 REPLIES
Cisco Employee

Enable Secret 4

Hi Rob,

Ecnryption types 0, 4 and 5 were added to this command starting with 15.0(1)S release. See this comman reference:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_e1.html#wp1042287

Level 4 encryption is SHA256, which is superior to md5 (level 5 encryption). This was made the default in 15.0(1)S and md5 password encryption will be deprecated eventually.

The latest 15.1 releases already generate a warning in case of using md5, such as:

Warning: MD5 encryption will be deprecated soon. Please move to SHA256 encryption.

Kind Regards,
Ivan

**Please grade this post if you find it useful.

Kind Regards, Ivan Shirshin **Please grade this post if you find it useful.
New Member

Enable Secret 4

Hi Ivan,

Thanks for the reply. The reason I was confused was we upgraded a 2951 to a later version of IOS (15.2) and the feature doesnt appear to be there. When entering enable secret there is no option for encryption type 4. I can check for definite tomorrow what release of code it is. Is it possible this version has the feature missing?

Thanks

Rob

Cisco Employee

Enable Secret 4

Hi Rob,

It works on 2900 platform starting with versions 15.2(2)T1 and 15.2(03)T1 - "enable secret 4 ...".

What is your exact image version?

Kind Regards,
Ivan

**Please grade this post if you find it useful.

Kind Regards, Ivan Shirshin **Please grade this post if you find it useful.
New Member

Enable Secret 4

Hi Ivan,

We were running c2951-universalk9-mz.SPA.152-2.T1.bin which had the feature enable but when we upgraded to

c2951-universalk9-mz.SPA.152-3.T.bin the feature wasnt there. Its seems like it may have been missed off the later release?

So in summary

working

c2951-universalk9-mz.SPA.152-2.T1.bin

Not available

c2951-universalk9-mz.SPA.152-3.T.bin

Weird?

Thanks

Rob

Cisco Employee

Enable Secret 4

Hi Rob,

It seems you need 15.2(03)T1, version 15.2(03)T does not have this supported. T1 will be released at 06/29.

Kind Regards,
Ivan

**Please grade this post if you find it useful.

Kind Regards, Ivan Shirshin **Please grade this post if you find it useful.
New Member

Enable Secret 4

Thanks Ivan.

Cisco Employee

Enable Secret 4

Glad to help, Rob.

Kind Regards, Ivan Shirshin **Please grade this post if you find it useful.
22678
Views
15
Helpful
7
Replies
CreatePlease login to create content