cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3952
Views
10
Helpful
6
Replies

VCS-Expressway Alarm about Root password being hashed using MD5

mhaymore
Level 1
Level 1

I logged into my VCS-Expressway after performing the x7.2 update, and have come across a new warning I had not seen before. It states:

1 alarm: * warning   Insecure password in use - The root user's password is hashed using MD5, which is not secure enough

I've looked around in the documentation, and have not found anything that mentioned this. Is it a matter of just resetting the password, which is already very strong, or is there something else I need to do to remove this alarm? Any ideas?

Thanks

Michael

1 Accepted Solution

Accepted Solutions

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi Michael,

Thats a wraning generated as you are still using the default root password on expressway!!

a snippet from the document!!

An “Insecure password in use” alarm will be raised against the root account. This is because the VCS now uses SHA512 to hash passwords. Passwords were previously hashed using MD5. The root account will still be accessible but you are recommended to use the root passwd command to reset the root account password. Administrator account passwords are rehashed automatically on upgrade.

check below document for more details

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/release_note/Cisco_VCS_Release_Note_X7-2.pdf

page 7 has after upgrade information.

change the password for root!!

I hope it clarifies your doubt

Thanks

Alok

View solution in original post

6 Replies 6

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi Michael,

Thats a wraning generated as you are still using the default root password on expressway!!

a snippet from the document!!

An “Insecure password in use” alarm will be raised against the root account. This is because the VCS now uses SHA512 to hash passwords. Passwords were previously hashed using MD5. The root account will still be accessible but you are recommended to use the root passwd command to reset the root account password. Administrator account passwords are rehashed automatically on upgrade.

check below document for more details

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/release_note/Cisco_VCS_Release_Note_X7-2.pdf

page 7 has after upgrade information.

change the password for root!!

I hope it clarifies your doubt

Thanks

Alok

I just confirmed that I am not using the default password for my Expressway. Your message did help though, I needed to re-run the passwd command on the VCS to re-hash the password in SHA512. Thanks.

Michael

Thanks for posting that. That clarified why I too was seeing the same alarm on my development VCS where I also am not using the default pw.

Insecure password in use The admin user has the default password set Raised Warning This system Change the admin password

 

When i click on change the admin password link:

Administrator accounts

Prohibited access: Page not accessible to 'Read-only' users

 

How can i change "Read-only" users to "Read-write".

 

 

Regards,

Shweta

 

 

Login to the VCS with the default admin account, which has read-write access:

  • Username: admin
  • Password: TANDBERG

You can then change the password under Users > Administrator Accounts.

Tomonori Taniguchi
Cisco Employee
Cisco Employee

You can find same information at page 66 of TelePresence VCS X7.2 Introduction presentation, https://supportforums.cisco.com/docs/DOC-26316 as well.