cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

How to recover a pre-shared key on the PIX / ASA.

27352
Views
10
Helpful
1
Comments

Core issue

Once a pre-shared is configured, it is encrypted, and you cannot see it in the running configuration. It is displayed as ********.

Resolution

To view the system configuration in 7.x code without "********", use the command below:

         ASA#moresystem://running-config

Alternatively to recover, perform one of the three solutions:

  • Upload your configuration to a TFTP server. This is needed because once the configuration is sent to the TFTP server, the pre-shared key and other passwords appear as clear text (instead of  ******** , as in the show run command).

    To upload your configuration to a TFTP server, issue this command:

    ASA#write net [[server_ip]:[filename]]):

    Once the file is saved on the TFTP server, you can open it with a text editor and view the passwords in clear text.

  • The configuration can also be uploaded to an FTP server. This is the command:

    ASA#copy running-config ftp://USERNAME:PASSWORD@ServerIP/

  • A copy of the configuration can be saved in clear text on the ASA only. Issue these commands on the Adaptive Security Appliance (ASA) :

    ASA#copy run

    ASA#more

After performing one of these options, you should be able to see the pre-shared key.

For further information refer to the copy command.


Comments
Beginner

Hi,

I need to see the passwords in clear text those i have in my ASA local database. because I need to create them in AAA with same username/Password. I tried all of the three solution but all of them showing pre-share key as clear text but not the passwords of the users. Is there any other way to get them in clear text?


your help will be highly appreciated.