Re: Nexus 5k username and password question

Junaid Shah · ‎12-28-2018

Hello,

we have a local username configured on cisco nexus 5k switch with level 5 password but we do not know whats the password, we can access the switch with our tacacs account. We have around 20 or more switches with this local account. My question is that is there a way we can read config file from flash with plain text like we do in IOS using the "more" command and it shows everything. Other than that what are my options to see the password, opening a case with Cisco etc ?

Peter Paluch · ‎12-29-2018

Hello Junaid,

The type 5 passwords in NX-OS are never stored in plaintext anywhere in the system. A type 5 password is in fact a hash of the plaintext password which is not reversible; when you log in, the password you enter on the keyboard is put through the same hashing function and the resulting hash is compared with the stored value in the system. There is no way to reverse the process to find out the plaintext value of the password. I am sorry to disappoint you but Cisco TAC will not be able to help you here.

Your only option is to change that user's password to a new value. If you can access the switch using an account with the network-admin role such as admin, this user is entitled to change the password of any user without knowing the original password. If you do not have such access to the switch then the only way I can see is to perform the password recovery as documented here:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/password_recovery/b_nx_os_pwr/nx_os_pw.html

Best regards,
Peter