11-17-2022 05:50 AM
Hi Guys!
We have an installation where the following commands were not issued at the beginning of the configuration:
1. key config-key password-encrypt (key)
2. password encryption aes
Consequently, except for user passwords, all passwords/secret/keys are now shown in cleartext in the configuration (sh run), such as:
- RADIUS shared secret
- WLAN related PSKs
- AP local login credentials
I want to issue the above command on C9800 to encrypt all sensitive data. I haven't done this before, so I'm wondering if issuing the commands will have any impact on the operation (mgmt access, RADIUS communication, wifi user connections, etc.), will users perceive anything about this? (I have remote access to the system)
Software version: 17.6.4
Thanks!
Solved! Go to Solution.
11-17-2022 06:08 AM - edited 11-17-2022 06:09 AM
You should be fine performing the type 6 configuration after. I have done that in the past many times as I typically don't do that initially. It's only type 8 where you have to configure the local user again.
11-17-2022 01:43 PM
As per what @Scott Fella said no issues. This is normally how I do it until all testing has been completed, as its much easier to see if I have fat fingered a PSK/Password when its in clear text. Post testing being successful I run those commands and then just do a sanity check to ensure everything still working - never had an issue
11-17-2022 06:08 AM - edited 11-17-2022 06:09 AM
You should be fine performing the type 6 configuration after. I have done that in the past many times as I typically don't do that initially. It's only type 8 where you have to configure the local user again.
11-17-2022 01:43 PM
As per what @Scott Fella said no issues. This is normally how I do it until all testing has been completed, as its much easier to see if I have fat fingered a PSK/Password when its in clear text. Post testing being successful I run those commands and then just do a sanity check to ensure everything still working - never had an issue
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: