cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
528
Views
0
Helpful
2
Replies

Basic password encryption in router config

aksen1111
Level 1
Level 1

I am practicing basic RIP md5 authentication. Using the "service password-encryption" gives me as follows-

-----------------------------------

!

key chain cisco

key 2

key-string xxx

!

interface FastEthernet0/0

no ip address

shutdown

half-duplex

!

interface FastEthernet1/0

ip address 3.x.x.1 255.255.255.0

ip rip authentication mode md5

ip rip authentication key-chain cisco

half-duplex

!

router rip

version 2

network 3.0.0.0

!

line con 0

exec-timeout 0 0

password xxx

login

line aux 0

password xxx

login

line vty 0 4

password xxx

login

!

End

-------------------------------

Seems like it encrypted the 'Key-string', however I was wondering is there a way to encrypt the cisco text for 'Key chain' too? I am just curious about how far the encryption is possible from here.

2 Accepted Solutions

Accepted Solutions

spremkumar
Level 9
Level 9

hi

i dont think you can mask the key entered under the interface mode as we can do out with ospf where you can use either 0 or 7 as an option to enter the key.

regds

View solution in original post

Edison Ortiz
Hall of Fame
Hall of Fame

The key chain string is locally significant so it doesn't provide any harm if viewed in clear text on the config.

View solution in original post

2 Replies 2

spremkumar
Level 9
Level 9

hi

i dont think you can mask the key entered under the interface mode as we can do out with ospf where you can use either 0 or 7 as an option to enter the key.

regds

Edison Ortiz
Hall of Fame
Hall of Fame

The key chain string is locally significant so it doesn't provide any harm if viewed in clear text on the config.