cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1027
Views
4
Helpful
4
Replies

service password-encryption

haithamnofal
Level 3
Level 3

Hi There,

If I want to configure "service password-encryption" on my internet and WAN routers, would there be any perofrmance degradation or over cpu consumption?

Appreciate your feedback.

Regards,

Haitham

4 Replies 4

Richard Burts
Hall of Fame
Hall of Fame

Haitham

There is no CPU consumption or other performance degradation if you configure service password-encryption.

HTH

Rick

HTH

Rick

devang_etcom
Level 7
Level 7

no it will not affect your cpu usage

regards

Devang

glen.grant
VIP Alumni
VIP Alumni

No as others have said all it does is encrypt the vty and console passwords in the config which is basically a text file , makes no difference...

Kevin Dorrell
Level 10
Level 10

To add to what the others have said, the result from service password-encryption is that the vty and user password are encrypted in listing with a type '7' encryption, which is child's-play to crack.

If you are concerned about protecting the passwords, set up a set of local user names to do your management and give them a "secret" rather than a passord, then do a login local on your vty lines. That will give them a type '5' encryption, like the enable secret, which is much more secure.

You can see the encryption type in the config listing.

Incidentally, if you introduce service password-encrytion, then it will encrypt your passwords in the config listing. If you then do no service password-encryption, it will not reverse the encryption on passwords that are already encrypted, but the passwords will still work nevertheless.

Try it out on a lab router before you do it on a production network!

Kevin Dorrell

Luxembourg