Jump to content



Photo

Pre-hashed Passwords

Answered Go to the full post cisco

  • Please log in to reply
3 replies to this topic

#1 Stokkolm

Stokkolm

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 09-February 03
  • Location: Alaska
  • OS: Windows 8.1
  • Phone: Lumia 1520

Posted 25 June 2014 - 20:29

I am using a running switch config as a template for a new switch that I'm setting up. If service password-encryption was run on the other switch can I use the hashed passwords in my new configuration file or do I need to use plain-text?



Best Answer Walid W. , 26 June 2014 - 07:17

Yes, you can use your hased version password in your new switch. If it is MD5 use 5 and if it is SHA256 use 4 depending on how you configured your passwored in your current switch that you are copying from.

xxx-sw-int01(config)#username walid priv 15 sec ?
  0     Specifies an UNENCRYPTED secret will follow
  4     Specifies a SHA256 ENCRYPTED secret will follow
  5     Specifies a MD5 ENCRYPTED secret will follow
  LINE  The UNENCRYPTED (cleartext) user secret

xxx-sw-int01(config)#user                       
xxx-sw-int01(config)#usern
xxx-sw-int01(config)#username walid priv 15 sec 4 ?
  WORD  The HIDDEN user secret string

xxx-sw-int01(config)#username walid priv 15 sec 5 ?
  WORD  The HIDDEN user secret string

xxx-sw-int01(config)#username walid priv 15 sec 5
Go to the full post



#2 OP Stokkolm

Stokkolm

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 09-February 03
  • Location: Alaska
  • OS: Windows 8.1
  • Phone: Lumia 1520

Posted 25 June 2014 - 21:06

Based on my Google research as long as I TFTP the configs to flash I should be able to leave them as is as long as I keep the "5" there.

 

Example:

username myusername privilege 15 secret 5 XXXXXXXXXXXXXXXXXXXXXXXX

Does anyone have any experience with this?



#3 Walid W.

Walid W.

    https://nabz0r.info

  • Tech Issues Solved: 2
  • Joined: 19-July 08
  • Location: Lost somewhere in Sweden
  • OS: Ubuntu, Debian, Backtrack 5r, Windows 7 & XP
  • Phone: HTC One, iPhone 3GS & iPhone 4s

Posted 26 June 2014 - 07:17   Best Answer

Yes, you can use your hased version password in your new switch. If it is MD5 use 5 and if it is SHA256 use 4 depending on how you configured your passwored in your current switch that you are copying from.

xxx-sw-int01(config)#username walid priv 15 sec ?
  0     Specifies an UNENCRYPTED secret will follow
  4     Specifies a SHA256 ENCRYPTED secret will follow
  5     Specifies a MD5 ENCRYPTED secret will follow
  LINE  The UNENCRYPTED (cleartext) user secret

xxx-sw-int01(config)#user                       
xxx-sw-int01(config)#usern
xxx-sw-int01(config)#username walid priv 15 sec 4 ?
  WORD  The HIDDEN user secret string

xxx-sw-int01(config)#username walid priv 15 sec 5 ?
  WORD  The HIDDEN user secret string

xxx-sw-int01(config)#username walid priv 15 sec 5


#4 OP Stokkolm

Stokkolm

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 09-February 03
  • Location: Alaska
  • OS: Windows 8.1
  • Phone: Lumia 1520

Posted 02 July 2014 - 19:36

 

Yes, you can use your hased version password in your new switch. If it is MD5 use 5 and if it is SHA256 use 4 depending on how you configured your passwored in your current switch that you are copying from.

xxx-sw-int01(config)#username walid priv 15 sec ?
  0     Specifies an UNENCRYPTED secret will follow
  4     Specifies a SHA256 ENCRYPTED secret will follow
  5     Specifies a MD5 ENCRYPTED secret will follow
  LINE  The UNENCRYPTED (cleartext) user secret

xxx-sw-int01(config)#user                       
xxx-sw-int01(config)#usern
xxx-sw-int01(config)#username walid priv 15 sec 4 ?
  WORD  The HIDDEN user secret string

xxx-sw-int01(config)#username walid priv 15 sec 5 ?
  WORD  The HIDDEN user secret string

xxx-sw-int01(config)#username walid priv 15 sec 5

It's MD5. Thank you for the help!





Click here to login or here to register to remove this ad, it's free!