If you look over the previous examples, you’ll notice all
passwords are in cleartext, except for the enable secret password. This means
prying eyes might gather a password. You can secure the passwords in Global
Configuration mode by typing the service password-encryption
command. This permanently encrypts all passwords, so make sure you know what
they are. The following abbreviated output demonstrates the command and the
results:
Rtr1#conf t
Rtr1(config)#service password-encryption <-command
Rtr1(config)#^Z
Rtr1#sho run
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption <-command
!
hostname Rtr1
!
enable secret 5 $1$4F6c$D5iYCm31ri1cA9WwvAU220
enable password 7 15060E1F10 <-enable password
!
username remote password 7 070E224F4B1A0A <-local database
username scott password 7 02110B570D03 <-local database
!
line con 0
password 7 121A0C041104 <-line con password
login
line aux 0
password 7 121A0C041104 <-line aux password
login
line vty 0 4
login local
!
end
Note, typing no service password-encryption
won’t cause the passwords to revert to cleartext. The system will no longer
encrypt new passwords, but the existing ones remain encrypted. Make sure you
know a password before you encrypt it.
Sections
Comments (0 posted)
Syndication
