Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Enhanced username password security implementation query

Hi All,

For the cisco router/switch to have MD5encryption password using the command..

username xyz privilege 15 secret 12345

Cisco documentation saying the 'login local' should not be enabled. Is that true. I have devices with no access issues using 'login local'. I might be missing something. please clarify..

Cisco DOC:

Restrictions

MD5 encryption for the username command is not supported in versions of Cisco IOS software prior to Cisco IOS Releases 12.0(18)S and 12.2(8)T.

You must not have the aaa-new model command enabled on the networking device. You must not have the login local command configured for the local CLI sessions over the console port or the remote CLI sessions.

TIA

MS

  • WAN Routing and Switching
2 REPLIES
Hall of Fame Super Silver

Re: Enhanced username password security implementation query

MS

This makes no sense to me. Enabling aaa new-model or login local are the two ways that you get an IOS device to check for locally configured user and password for authentication.

I believe that either there must be something in the context of the original reference that changes the meaning or else it is an error in documentation that needs to be corrected.

[edit] I have just tested a user name with secret password (MD5 encrypted) with both login local and with aaa new-model and it works fine with each of the options.

HTH

Rick

Re: Enhanced username password security implementation query

Hi Rick

Thanks for the quick reply. The doc is too long and may be 'enable secret' is the context (than username). I will cross check again.

Thanks

MS

121
Views
4
Helpful
2
Replies
This widget could not be displayed.