05-15-2007 07:13 PM - edited 03-03-2019 05:00 PM
I am practicing basic RIP md5 authentication. Using the "service password-encryption" gives me as follows-
-----------------------------------
!
key chain cisco
key 2
key-string xxx
!
interface FastEthernet0/0
no ip address
shutdown
half-duplex
!
interface FastEthernet1/0
ip address 3.x.x.1 255.255.255.0
ip rip authentication mode md5
ip rip authentication key-chain cisco
half-duplex
!
router rip
version 2
network 3.0.0.0
!
line con 0
exec-timeout 0 0
password xxx
login
line aux 0
password xxx
login
line vty 0 4
password xxx
login
!
End
-------------------------------
Seems like it encrypted the 'Key-string', however I was wondering is there a way to encrypt the cisco text for 'Key chain' too? I am just curious about how far the encryption is possible from here.
Solved! Go to Solution.
05-15-2007 07:39 PM
hi
i dont think you can mask the key entered under the interface mode as we can do out with ospf where you can use either 0 or 7 as an option to enter the key.
regds
05-15-2007 08:03 PM
The key chain string is locally significant so it doesn't provide any harm if viewed in clear text on the config.
05-15-2007 07:39 PM
hi
i dont think you can mask the key entered under the interface mode as we can do out with ospf where you can use either 0 or 7 as an option to enter the key.
regds
05-15-2007 08:03 PM
The key chain string is locally significant so it doesn't provide any harm if viewed in clear text on the config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide