is ACS internal authentication encrypted

hazemelebiary · ‎11-29-2015

Is the ACS authentication in its local database encrypted or not?

I mean if you are not using any TACACAS , AAA or active directory server with ACS ,use its internal database what are authentication types and are they encrypted?

Please send me document showing the answer

Ganesh Hariharan · ‎11-29-2015

Hello,

Check out the below link

https://supportforums.cisco.com/discussion/11394191/whats-type-acs-v42-database-password-hash

The above thread shows that password in ACS internal database are ecrypted.

Hope that Helps..

-GI

Rate if it Helps.

hazemelebiary · ‎11-30-2015

Thanks for the reply.
However i need to know the algorithm such as : Encryption algorithm must be at least AES/128 (AES/256 recommended)
If password is stored as hashed, it should be at least SHA-1 (SHA-2 recommended).

The link you sent us is for ACS 4.2 .I need to know about ACS 5.5 .

For ACS 4.2 I have the below details for internal database:

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4-2/user/guide/ACS4_2UG/UsrDb.html#wp353486

About the ACS Internal Database

For users who are authenticated by using the ACS internal database, ACS stores user passwords in a database which is protected by an administration password and encrypted by using the AES 128 algorithm. For users who are authenticated with external user databases, ACS does not store passwords in the ACS internal database.