cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

VCS-Expressway Alarm about Root password being hashed using MD5

mhaymore
Beginner
Beginner

I logged into my VCS-Expressway after performing the x7.2 update, and have come across a new warning I had not seen before. It states:

1 alarm: * warning   Insecure password in use - The root user's password is hashed using MD5, which is not secure enough

I've looked around in the documentation, and have not found anything that mentioned this. Is it a matter of just resetting the password, which is already very strong, or is there something else I need to do to remove this alarm? Any ideas?

Thanks

Michael

1 ACCEPTED SOLUTION

Accepted Solutions

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi Michael,

Thats a wraning generated as you are still using the default root password on expressway!!

a snippet from the document!!

An “Insecure password in use” alarm will be raised against the root account. This is because the VCS now uses SHA512 to hash passwords. Passwords were previously hashed using MD5. The root account will still be accessible but you are recommended to use the root passwd command to reset the root account password. Administrator account passwords are rehashed automatically on upgrade.

check below document for more details

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/release_note/Cisco_VCS_Release_Note_X7-2.pdf

page 7 has after upgrade information.

change the password for root!!

I hope it clarifies your doubt

Thanks

Alok

View solution in original post

6 REPLIES 6

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi Michael,

Thats a wraning generated as you are still using the default root password on expressway!!

a snippet from the document!!

An “Insecure password in use” alarm will be raised against the root account. This is because the VCS now uses SHA512 to hash passwords. Passwords were previously hashed using MD5. The root account will still be accessible but you are recommended to use the root passwd command to reset the root account password. Administrator account passwords are rehashed automatically on upgrade.

check below document for more details

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/release_note/Cisco_VCS_Release_Note_X7-2.pdf

page 7 has after upgrade information.

change the password for root!!

I hope it clarifies your doubt

Thanks

Alok

I just confirmed that I am not using the default password for my Expressway. Your message did help though, I needed to re-run the passwd command on the VCS to re-hash the password in SHA512. Thanks.

Michael

Thanks for posting that. That clarified why I too was seeing the same alarm on my development VCS where I also am not using the default pw.