I need to turn on "password encryption aes" on IOS-XE/IOS based devices (some compliance requrement). So, how this feature exactly works? Will this only encrypt username/enable passwords, or also tacacs keys, BGP auth keys and other encrypted strings? If i'll enter this on a running switch/router - will this reencrypt passwords already present in the configuration, or will it be used only for a new ones, created after entering "password encryption aes"?
on IOS - service password-encryption
on NX-OS - feature password encryption aes
Hi, "password encryption aes" is not the same as "service password-encryption" - these are two different commands doing different things.
I'm referring only to IOS/IOS-XE, not NX-OS.
switch(config)#password encryption ?
aes Enable stronger (AES) password encryption
I'm asking specificaly about "password encryption aes" - enable stronger (AES) password encryption.