Re: Radius Key string in Config - encrypted or plain text?

wendyf123 · ‎01-09-2007

Is the radius key string in the running config for an aironet AP displayed in plain text or a hash? Thanks in advance.

Benjamin Solero · ‎01-09-2007

Hi,

It could be displayed either way. If the digit preceding the key is a 7, then the key is hashed. If the digit preceding the key is a 0, then the key is unencrypted.

R1(config)#radius-server key ?

0 Specifies an UNENCRYPTED key will follow

7 Specifies HIDDEN key will follow

For example,

here's an encrypted key:

radius-server key 0 xxx

here's an unencrypted key:

radius-server key 7 xxx

Regards,

Ben

Rob Huffman · ‎01-10-2007

Hi Ben,

Great answer! 5 points all the way.

Keep up the good work!

Rob

jackyoung · ‎01-11-2007

Hi Ben, do you mean...

here's an encrypted key:

radius-server key 7 xxx

here's an unencrypted key:

radius-server key xxx

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hsec_r/sec_r1h.htm#wp1174071

Hope this helps.

Benjamin Solero · ‎01-11-2007

Hi Jack,

My original post was correct. The moderator of the forum edited my post to remove the bogus passwords. Unfortunately, they also removed the preceding '7' and '0'. It's a safety precaution cisco.com uses to keep inadvertant posting of real passwords.

Anyway, thanks for posting.

-Ben

jackyoung · ‎01-11-2007

Thanks for the clarifiaction. Ben. I do not know there is moderator will edit the post in Cisco forum .... :)