Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

Enable, Secret, Privilege Password

abc1235
Level 1
Level 1

‎07-29-2021 06:20 AM

Hallo All,

 

I have configured my router with an enable secret 5 password and also added some usernames+privilege level+secret 5 password. However, when I reload the router, I am not prompted for any username or password. I have the aaa enabled to authenticate with TACACS, which I understand could be a problem. However, is there a solution without disabling aaa.

 

This will probably be the most basic question but I will go ahead and ask because I have dwelt on it all morning without success. I had deleted the configs from my router and would want to reconfigure with the exact same configs (maybe add a few usernames and change passwords). However, I am getting the following error messages:

 

R1(config)#enable secret 5 xyz
ERROR: The secret you entered is not a valid encrypted secret.
To enter an UNENCRYPTED secret, do not specify type 5 encryption.

 

It is clear, after reading, that secret 5 passwords are hashed, so, plain text will definitely not work. So, how do I generate an encrypted secret while maintaining the secret 5 level password? If I configure with secret password without specifying 5, the secret level is set to secret 9 in 'sh run' but I want to maintain it at secret 5.

 

Then this is also giving me the same problem when I enter a plain text secret 5 password:

 

R1(config)#username xyz privilege 15 secret 5 xyz
ERROR: The secret you entered is not a valid encrypted secret.
To enter an UNENCRYPTED secret, do not specify type 5 encryption.
When you properly enter an UNENCRYPTED secret, it will be encrypted.

 

To add context to my issue, I had the running configs before erasing them from the router. When I directly paste it into my terminal, it works (with a warning) but unfortunately, I can't decrypt the MD5 passwords andy anyway, I am not even prompted to enter username or password on reboot. 

 

R1(config)#username xyz privilege 15 secret 5 $1$H5hX$mxxxxxxx
WARNING: Command has been added to the configuration using a type 5 password. However, type 5 passwords will soon be deprecated. Migrate to a supported password type
R1(config)#
*Jul 29 2021 14:49:25.157 CEST: %AAAA-4-CLI_DEPRECATED: WARNING: Command has been added to the configuration using a type 5 password. However, type 5 passwords will soon be deprecated. Migrate to a supported password

 

I will really appreciate your help on this. Thanks.

 

Regards,

Joyce

2 people had this problem
Labels:
0 Helpful
Who Me Too'd this topic