Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1029
Views
0
Helpful
1
Replies

What encrypts the tacacs-server key?

tnason
Level 1
Level 1

‎03-09-2005 09:55 AM - edited ‎03-10-2019 02:02 PM

I have noticed 12.3 IOS provides level 7 encryption of the tacacs-server key. What syntax/commands provide this? Is level 5 achievable? I also noticed the same configuration in 12.2 IOS does not encrypt the key. Please advise.

Labels:
0 Helpful
1 Reply 1

Richard Burts
Hall of Fame
Hall of Fame

‎03-10-2005 09:34 AM

I also noticed the changed behavior when changing to a newer IOS that the TACACS key was encrypted (using the Cisco proprietary - type 7 - encryption).

The command that provides this is the command service password-encryption. This is the command that has always encrypted line commands and things like that. It is obvious that Cisco has enlarged the list of passwords that are protected by this service.

I did test and if I remove the service password-encryption and then configure a TACACS key, then the key value shows up in clear text as it does in older versions of IOS.

I do not believe that level 5 is achievable for the TACACS key.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents