TACACS Key
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-10-2005 02:39 PM - edited 03-10-2019 02:22 PM
Hi,
I just want to confirm that to scramble the TACACS key on show run display, you put 7:
(config)#tacacs-server key ?
0 Specifies an UNENCRYPTED key will follow
7 Specifies HIDDEN key will follow LINE
The UNENCRYPTED (cleartext) shared key
Service password encryption has nothing to do with it, right? How do you scramble the key if the IOS doesn't have this "0" and "7" option? Also, on my 3725, even though I tried to put cleartext password on it, it automatically convert to encrypted password, anyone know why?
Thanks in advance.
- Labels:
-
AAA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2005 03:20 AM
You only use the 7 option if your password is already encrypted. Otherwise, enter a cleartext password/key without a number and service password encryption will encrypt it for you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2005 10:17 AM
Kevin
Will is correct and service password has everything to do with scrambling the TACACS key. There are some (recent) version of IOS that do support this and there are some (older) versions that do not. If the version of IOS that you are running does not have that support I strongly urge you not to try to input (or create) a scrambled key. Instead you should concentrate your efforts in upgrading the IOS to a version that does have this support.
If you input a cleartext key and the 3725 created a scrambled key then I am sure that the 3725 has service password encryption enabled.
HTH
Rick
Rick
