05-24-2018 04:31 PM - edited 02-21-2020 07:48 AM
I have a 5525 with radius configured. I recently had to configure from an existing config and in the process the aaa-sever key was corrupted. It is set as "key 8 <hash>" I can set the password using the "key <password>" and radius will work. I would like to encrypt the password using "key 8", as originally was set, but I cannot. If I use "key 8 <password>" I get the following, ERROR: Ciphertext <password> is not well formed. So the question is how do I convert my "key <password>" that works to "key 8 <hash>"?
thanks
05-24-2018 05:26 PM - edited 05-24-2018 05:28 PM
Hi,
You firewall is using Master Passphrase to encrypt passwords.
You should enter the Radius key as "key " and the firewall will convert that to "key 8 ". If you need to change the passphrase, have a look at the document i have referenced above.
Thanks
John
05-25-2018 08:49 AM
That is what I would have thought, I should just enter the command "key <password>" it should show up as "key 8 <hash>", buts its not. I do have "password encryption aes" but I DON'T have a line with "key config-key password-encryption" in my config. On a side note this config was copied from one machine to another since the configurations just needed to be tweaked. Since this is another PAIR, I do have the "failover key 8 <hash>" that also is not working. I also set that with "key" and it did not <hash> with a key 8. It's like I need to re-config the encryption or reset it. I tried that on another machine and got locked out and had to reboot back to original config, strange.
-thnaks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide