cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
614
Views
1
Helpful
10
Replies

Hide Password in ASA Configuration Backupfile

Iglu18
Beginner
Beginner

Hi 

Does anyone know if and how a password can be hidden in the ASA backup configuration file. Password is mask doing "show running-config on the box itself"

We are using Firewpower Appliance an the ASDM on it.

Best regards
Iglu

10 Replies 10

Have a look on this cisco good old document still very useful for this day even.

How to configure Master Passphrase on ASA 

please do not forget to rate.

Hi
Interesting Link but i just would like to have the password mask when I save the running-config via scp: or when i make a backup within ASDM.

And i have to make an addition. The only Password wich is in plain text is the "ldap-login-password"

I am not aware of something where you extract the configuration and it mask it. unless you do the master password as mentioned in previous post. Is your backup server is not secure? Just thinking you can zip the configuration with AES encryption.

please do not forget to rate.

Sorry I did not notice you mentined the Password for LDAP is showing in plain text. you can run this command this will encrypt the password "password-encryption aes"

The password encryption aes command enables password encryption and encrypts all user passwords

please do not forget to rate.

Iglu18
Beginner
Beginner

hi everybody.

I had again some time to troubleshoot. Even after the input of password encryption aes nothing has changed.
When I view the backup file on my computer in notepad, the ldap-login password is displayed in plain text. It looks like there is no  way to mask it.

In the ASA with show run it is masked.

it bug did you check link I share ?

Is is not that bug. in show-run  on the box the password is masked.

In the config-file wich i backuped it is in clerartext.

Iglu18
Beginner
Beginner

Hi Everybody

Is anyone able to test this in the own environment.
The Problem is when I backup the configuration file with copy running-config scp......
The configuration file on the SCP server shows the LDAP password in cleartext.

Regards

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: