If you specify "username shmoe password 0 cisco" you are telling the router
that an unencrypted password follows.
If you want it to display the unencrypted password when you do a "sh run",
you need to use the "no service password-encryption" command. Without it,
the router will encrypt the password. Notice how when you did "username
shmoe password 0 cisco" your 0 tuned into a 7? That is telling you what
follows is encrypted, and the router does that automatically.
By the same token, you tell the route "username user password 7 cisco" it
now thinks that the ENCRYPTED password is cisco. Who knows what the clear
text (unencrypted) password would be. Be extremely careful when using this.
We had a sys-admin do this, and had to perform password recovery on it.
As for why the router is complaining about it being an unencrypted password
I couldn't answer, my 2503 is taking it just fine.
Let's walk through it and see if I can't confuse you more.
---
(output from 2503, IOS 11.2(11)P)
----
Ernie(config)#user shmoe password ?
0 Specifies an UNENCRYPTED password will follow
7 Specifies a HIDDEN password will follow
LINE The UNENCRYPTED (cleartext) user password
Ernie(config)#
Ernie(config)#user shmoe password 7 cisco
----
The sh run would look like:
----
version 11.2
!
service password-encryption
!
username shmoe password 7 cisco
----
Now, we'll put in "no service password-encryption" and remove and re-add our
user, but this time with a 0 in place of the 7.
----
Ernie(config)#no username shmoe
Ernie(config)#no service password-encryption
Ernie(config)#username shmoe password 0 cisco
Ernie(config)#end
Ernie#wr t
Building configuration...
Current configuration:
!
version 11.2
no service password-encryption
!
hostname Ernie
!
username shmoe password 0 cisco
----
The password is now clear text. Here is the same output after adding in
"service password-encryption".
Current configuration:
!
version 11.2
service password-encryption
!
hostname Ernie
!
username shmoe password 7 1511021F0725
---
See? The "password 0 cisco" turned into "password 7 1511021F0725".
Clear as mud!!
K
-----
Kristopher B. Climie, CCNP, CCDP
"Martin Eriksson" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi!
>
> While configuring two routers (one 2500 and one 1601, both with
> bri-interface) too call each
> other over isdn I discovered something strange.
>
> (1600 ios v11.2)
> When I try to set username and password for the connection I, as usual,
> use the command
>
> conf t
> username cisco2500 password 0 cisco
> (0 with the unencrypted_pass)
>
> The router takes the unencrypted pass and encrypts it, the conf
> is now : username cisco2500 password 7 030752180500.
>
> But by accident I happened to use
>
> conf t
> username cisco2500 password 7 cisco
> (7 but with the unencrypted_pass)
>
> The config says: username cisco2500 password 7 cisco
> -uh?
>
> (2500)
> When I try do to the same on the 2500 instead it complaints and
> says that cisco is a forbidden encrypted pass i.e. not
> encrypted...
>
> Shouldn't the 1600 respond in the same maner?
>
> best regards, Martin Eriksson
> -Communiction & SystemTech. Academy, Malmoe
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
