On Tue, Mar 20, 2012 at 10:54 AM, Phil Shafer <p...@juniper.net> wrote:
> Matt Hite writes:
>>It's interesting to note just how many things are stored in $9$
>>encrypted format: RADIUS secrets, IS-IS authentication keys, BGP MD5
>>secrets, etc.
>
> It's really obfuscation, not encryption. These are values that
> have to be available in raw form to various software components.
> So we have this "unreadable" type that obfuscates the values so
> someone looking over your shoulder won't immediately know your
> secrets.
>
> In contrast, user passwords are encrypted in a "one way" method
> using the normal md5 hash marker ("$1$"). These cannot be
> reversed like the $9$ values.
Absolutely. Your clarification is appreciated.
-M
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
