Solved: Basic password encryption in router config - Cisco Community

528

Views

0

Helpful

2

Replies

I am practicing basic RIP md5 authentication. Using the "service password-encryption" gives me as follows-

-----------------------------------

!

key chain cisco

key 2

key-string xxx

!

interface FastEthernet0/0

no ip address

shutdown

half-duplex

!

interface FastEthernet1/0

ip address 3.x.x.1 255.255.255.0

ip rip authentication mode md5

ip rip authentication key-chain cisco

half-duplex

!

router rip

version 2

network 3.0.0.0

!

line con 0

exec-timeout 0 0

password xxx

login

line aux 0

password xxx

login

line vty 0 4

password xxx

login

!

End

-------------------------------

Seems like it encrypted the 'Key-string', however I was wondering is there a way to encrypt the cisco text for 'Key chain' too? I am just curious about how far the encryption is possible from here.

2 Accepted Solutions

Accepted Solutions

hi

i dont think you can mask the key entered under the interface mode as we can do out with ospf where you can use either 0 or 7 as an option to enter the key.

regds

View solution in original post

The key chain string is locally significant so it doesn't provide any harm if viewed in clear text on the config.

View solution in original post

2 Replies 2

hi

i dont think you can mask the key entered under the interface mode as we can do out with ospf where you can use either 0 or 7 as an option to enter the key.

regds

The key chain string is locally significant so it doesn't provide any harm if viewed in clear text on the config.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community