So I see now that the options for hashing passwords now has the scrypt (9) option. So how do we create a hashed password that the switch will accept?
I found a perl module that can create hashes, but the ones I've created are not acceptable.
#!/usr/bin/perl -w
use Crypt::ScryptKDF qw(scrypt_raw scrypt_hex scrypt_b64);
use strict;
my $password = "cisco";
my $N; # CPU/memory cost (has to be power of 2 and >1); DEFAULT: 2^14
my $r; # block size parameter; DEFAULT: 8
my $p; # parallelization parameter; DEFAULT: 1
my $len; # length of derived key (in bytes); DEFAULT: 32
#my $key_base64 = scrypt_b64($password, $N, $r, $p, $len)
my $key_base64 = scrypt_b64($password);
print "$key_base64\n";
exit;
Sample output:
$ ./scrypt_gen.pl
GJMxtei3rED6da5JiQEeNDGsq3EOwqebRpXzRszaM6w=
Thanks,
John