cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3918
Views
4
Helpful
1
Comments
Travis Williams
Community Member

Here's a secure way of fetching the ASA/PIX configuration including tunnel-groups pre-shared keys (as traditionally done by using the "copy running-config tftp" command).

Use the command "more system:running-config" from the CLI. As opposed to the "show running-config" command, this command shows the pre-shared keys in clear text.

Using a SSH session to access the ASA/PIX and listing the configuration using this command is easier and more secure than the traditional method.

-Emanuel Lipschütz, CCIE #9697, Netsafe International, Stockholm, Sweden

You should only do this when you are using SSH to access the device, not Telnet.

To receive the latest information on Cisco online tools, certifications, support documentation, insights from Cisco experts and peers, and upcoming events, check out the Cisco Technical Services Newsletter today.

Comments
vilaxmi
Cisco Employee
Cisco Employee

So, we really can see the pre-shared keys as well..Awesome..!!

Isnt there a tool also, for decrypting the PSKs from show run ?

Ideas..?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Quick Links