Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

tacacs key not necrypted!

Hi, i run IOS (tm) 7200 Software (C7200-JS-M), Version 12.1(8), RELEASE SOFTWARE (fc1) and i put a tacacs-server key PASS but even though i run service password-encryptio it does not encrypt the password. What might be the problem?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: tacacs key not necrypted!

VASILEIOS

What you are seeing is normal behavior for the version of code that you are running. The set of keys that are encrypted by service password-encryption has changed over time. More recent versions of IOS do encrypt the TACACS server key and the version of code that you are running does not. If it is important to you to have the TACACS server key be encrypted then you should plan to upgrade the version of code to a more recent version of code. I do not remember for sure the version where the TACACS key became encrypted but I believe that it was somewhere in 12.3T.

HTH

Rick

4 REPLIES
Hall of Fame Super Silver

Re: tacacs key not necrypted!

VASILEIOS

What you are seeing is normal behavior for the version of code that you are running. The set of keys that are encrypted by service password-encryption has changed over time. More recent versions of IOS do encrypt the TACACS server key and the version of code that you are running does not. If it is important to you to have the TACACS server key be encrypted then you should plan to upgrade the version of code to a more recent version of code. I do not remember for sure the version where the TACACS key became encrypted but I believe that it was somewhere in 12.3T.

HTH

Rick

Re: tacacs key not necrypted!

Hi,

Exactly Rick, i've faced this issue before on one of my VXRs, and i believe that the first IOS that encrypts the RADIUS and TACACS keys was "12.2(37)" i've it running till now (at least from the many IOSs that i've tried).

BR,

Mohammed Mahmoud.

New Member

Re: tacacs key not necrypted!

Thanx anyone i thought it might be an IOS version issue ut i wanted to get an opinion of an expert.

thanx

Hall of Fame Super Silver

Re: tacacs key not necrypted!

VASILEIOS

I am glad that my answer was helpful. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that they will read an answer that resolved the question.

I encourage you to continue your participation in the forum.

Mohammed's response indicates that support for encrypting TACACS keys may have started earlier than what I remembered. So you may have to check several versions to see where that support began for your platform.

HTH

Rick

171
Views
4
Helpful
4
Replies
CreatePlease to create content