Key config-key password-encrypt super-secret-password In this example I’m working with devices that have reset to factory defaults.Īny device that runs modern IOS XE should support Type 6 Note: Using Type 6 has been supported since 2006, IOS 12.3(2)T and possibly earlier!įor a detailed explanation of each password type please see this document I wrote. I’d like to make a counting joke here but I won’t. If you interested in the details for Types 0,4,5,6,7,8,9 please check out this other document I wrote. Type 6 use strong AES 128-bit encryption for storing passwords. Today in 2021 the recommendation is to use Type 6, Type 8 and Type 9. At this time my recommendation is to never use Type 5 or Type 7 and absolutely do not EVER use Type 4. There are some newer methods like Type 8 (SHA256) and Type 9 (SCRYPT). We enabled Type 7 encryption with the CLI service password-encryption command. The older methods are Type 5 (MD5 hash) & Type7 (Vigenere obfuscation). Traditionally Cisco has used several different methods for storing passwords and keys in IOS.
0 kommentar(er)
