cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
948
Views
0
Helpful
1
Replies

Encrypt shared key with AAA server

ThomasD86
Level 1
Level 1

Hi,

as the title of my posts says, our security group raised concern over this topic.
The problem is that during a "show run" of the device, the tacacs+ shared key is encrypted with mode 7 which means that it is possible to get the authentication key rather easily from any website. So they asked us if it is possible to change the encryption of that key to something more secure.

The router is an ASR9k using IOS-XR 7.1.3 64-bit, but the only options I get from the CLI are 0 and 7. Is there a way to use any other mode?

Thank you

1 Reply 1
Review Cisco Networking for a $25 gift card