From: Venkatesh Palani (kvpalani@gmail.com)
Date: Wed Oct 05 2005 - 02:37:53 GMT-3
Hi,
Service password-encryption converts all the password to type 5. I wonder
if there is a chance for this to be slipped into your configuration (
probably retainned from old configuration ...by chance)
Regards,
Kven
On 10/5/05, Shanky <shankyz@gmail.com> wrote:
>
> Thanks Arun,
> But I think we can use the same hash for the enable secret password on 2
> routers by cutting and pasting from the 2nd router to the 1st one.
> The task I was trying was ,,,
> 1. Configure enable password ( Not the secret password )
> enable password level 2 0 test
> The router automatically converted it to type 5 hash , now if we are
> prohibited from using the enable secret command on the 2nd router, how do
> we
> set it up for using the same password as the 1st one ? Assume that we cant
> use the plain text password, and we cant use the md5 hash from the 1st
> router also as we dont know the type7 hash for the password and enable
> password command doesnt have any option for specifying the type 7 hash.
> So, I guess the only way
> 1. Use enable secret with Type 5 hash and copy/paste it from the other
> router.
> 2. Use enable secret with plain text password
> 3. Use enable password with plain text password.
> Thanks
> Shanky
>
> On 10/4/05, Arun Arumuganainar <aarumuga@hotmail.com> wrote:
> >
> > Hi Shanky ,
> >
> > Type 5 secret password encryption uses MD5 encryption . So original
> > password
> > will get discarded after encryption . This means u can not cut and paste
> > enable secret password accross various routers .
> >
> > This is for the same reason type5 passwords can not be used with PPP
> > username passwords .
> >
> > Thanks and Regards
> > Arun
> > ----- Original Message -----
> > From: "Shanky" <shankyz@gmail.com>
> > To: "lab" <ccielab@groupstudy.com>
> > Sent: Monday, October 03, 2005 12:57 PM
> > Subject: setting up enable password using encrypted password
> >
> >
> > > Hi,
> > > Just trying to setup enable password for different priv levels using
> > > encrypted values , observed the following.
> > > 1. on SW1 , did enable password level 2 0 test
> > > the switch convers it to secret and the running config shows
> > > enable secret level 2 5 $1$9H9z$IYx/gwpnxk5.MnnP3CVNn0
> > > now .if I want to set the same password on say switch 2 but I am
> > > prohibited from using enable secret command..
> > > I did ..
> > > on SW2,
> > > enable password level 2 $1$jTcA$oHHlPh05wjdzi2sN7vS7t/ as shown below
> ..
> > but
> > > got the error message .
> > > SW1(config)#enable pass le
> > > SW1(config)#enable pass level 2 7 $1$jTcA$oHHlPh05wjdzi2sN7vS7t/
> > > % Converting to a secret. Please use "enable secret" in the future.
> > > Invalid encrypted password: $1$jTcA$oHHlPh05wjdzi2sN7vS7t/
> > > So, if the requirement is to have the same password on 2 devices and
> we
> > > have to use ..say an encrypted password on the 2nd device, the only
> way
> > it
> > > seems is
> > > enable secret level 2 5 $1$jTcA$oHHlPh05wjdzi2sN7vS7t/ ----- on the
> 2nd
> > > device
> > > so when/where do we use the enable password 7 .... command ?
> > > Can anyone explain ?
> > > TIA
> > > Shanky
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:49 GMT-3