no service password-encryption should make all passwords you configure after
that not be encrypted. If you already have encrypted your passwords (with
Level 7 encryption) they will stay that way, but any passwords configured
after you put the command "no service password-encryption" in will go in
unencrypted.
Bryan Osoro
Marshal Schoener <[EMAIL PROTECTED]> wrote in message
D561FA4DFDF0D2119AA900104B1F46AE1AF37F@monster">news:D561FA4DFDF0D2119AA900104B1F46AE1AF37F@monster...
> Thanks for the info...
> My only problem now is that, "no service password-encryption"
> doesn't seem to be doing anything. I don't have a need for it, but I
wanted
> to see it work :-)
> I'm doing it from global config mode!!!
> Do you guys know what the problem can be?
>
> Thanks
>
> -----Original Message-----
> From: Jay Hennigan [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 05, 2000 2:28 PM
> To: Marshal Schoener
> Cc: 'Dale Holmes'; [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: RE: Telnet password
>
>
> On Wed, 6 Sep 2000, Marshal Schoener wrote:
>
> > Thank you :-)
> > That is almost exactly what I am seeing.
> > Only difference is the password is: 7 a9vyt3...
> > 7 is in front...
> > So, that means it is encrypted.
> > If I want to change this, can I just go in and change it there, or
> > is there something else I have to do first?
>
> You can simply change it
>
> conf t
> line vty 0 4
> password WORD
>
> if you have service password-encryption enabled, then when you show run it
> will be encrypted. When changing it, don't include the "7" ahead of the
> password, or the router will assume you're entering the encrypted string.
>
> Likewise, don't use a password that starts with "7" (or "5").
>
> The encryption is rather weak on all but the enable secret, btw.
>
> --- cut here ---
> #!/usr/local/bin/perl -w
> # $Id: ios7decrypt.pl,v 1.1 1998/01/11 21:31:12 mesrik Exp $
> #
> # Credits for orginal code and description [EMAIL PROTECTED],
> # SPHiXe, .mudge et al. and for John Bashinski <[EMAIL PROTECTED]>
> # for Cisco IOS password encryption facts.
> #
> # Use for any malice or illegal purposes strictly prohibited!
> #
>
> @xlat = ( 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41,
> 0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c,
> 0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53 , 0x55, 0x42 );
>
> while (<>) {
> if (/(password|md5)\s+7\s+([\da-f]+)/io) {
> if (!(length($2) & 1)) {
> $ep = $2; $dp = "";
> ($s, $e) = ($2 =~ /^(..)(.+)/o);
> for ($i = 0; $i < length($e); $i+=2) {
> $dp .= sprintf "%c",hex(substr($e,$i,2))^$xlat[$s++];
> }
> s/7\s+$ep/$dp/;
> }
> }
> print;
> }
> # eof
> --- cut here ---
>
> If you don't have a perl interpreter, e-mail me the string starting
> with "password 7" and I'll let you know the plaintext.
>
> --
> Jay Hennigan - Network Administration - [EMAIL PROTECTED]
> NetLojix Communications, Inc. NASDAQ: NETX - http://www.netlojix.com/
> WestNet: Connecting you to the planet. 805 884-6323
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]