Re: 3850 password config

joe_jett · ‎11-04-2020

I'm trying to create a config using the more secure type 9 passwords, and I keep getting locked out for some reason. The switch doesn't recognize the password. I've researched, and thought this latest config was working. I logged in and out 3 times, and then all of a sudden it quit recognizing my password, and I have to do another password recovery. Here's the section on passwords from my config. We're not using an authentication server. I pasted the relevant parts to my question below. If someone can show me how to properly enter this config, I would be very appreciative and grateful. I attached my entire config also, so if anyone sees any other improvements, I'm open. I did try to work with a technician on Smartnet; that wasn't as helpful as I would have liked, and that is an intentional understatement as I try to remain positive.

Thanks for any suggestions

Ip domain-name domain.com
Ip ssh version 2
crypto key generate RSA modulus 2048
!
username admin privilege 15 algorithm-type scrypt secret myloginpassword
enable secret MyEnablePassword

aaa new-model
!
!
aaa authentication login default local

line con 0
stopbits 1
line vty 0 4
transport input ssh
line vty 5 15
transport input ssh

balaji.bandi · ‎11-04-2020

When you enter below command :

username [NAME] privilege [0-15] algorithm-type [TYPE] secret [PASSWORD]

show run should encrypt like below

username XXXX pri 15 secret 9 YYYYYYYYYYYYYYYYY

but as per your output still show the same, is this removed intionally when you sanitize ?

username admin privilege 15 algorithm-type scrypt secret myloginpassword

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

joe_jett · ‎11-04-2020

My output isn't included there, that's just where I copied from another config. But I don't think it would be wise to paste it here in any case.

joe_jett · ‎11-05-2020

bump

joe_jett · ‎11-06-2020

Did I post this in the wrong section or something?