Re: Telnet password

2000-09-08 Thread Jay Hennigan 

On Fri, 8 Sep 2000, Bryan Osoro wrote:

> That's not the case.  Previously encrypted passwords will stay encrypted,
> but new passwords configured will not be encrypted.  Shown in the following
> captured file..  :-)

I thought that's exactly what I said...

> Jay Hennigan <[EMAIL PROTECTED]> wrote in message
>
> > Reverting to the "no" will not cause previously encrypted passwords to
> > show in the clear again.
> >
> > Note that the enable secret is always encrypted, using a different and
> > much stronger algorithm.

-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet password

2000-09-08 Thread Bryan Osoro 

That's not the case.  Previously encrypted passwords will stay encrypted,
but new passwords configured will not be encrypted.  Shown in the following
captured file..  :-)

In the capture file, you'll see the telnet password in clear text, then I do
a service password-encryption command, and the telnet password is encrypted.
I do "no service password-encryption" and then configure a con 0 password
note that the con 0 password is not encrypted, but the telnet is still
encrypted
=)

Bryan
Jay Hennigan <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On Thu, 7 Sep 2000, Marshal Schoener wrote:
>
> > Thanks for the info...
> > My only problem now is that, "no service password-encryption"
> > doesn't seem to be doing anything.  I don't have a need for it, but I
wanted
> > to see it work :-)
> > I'm doing it from global config mode!!!
> > Do you guys know what the problem can be?
>
> No service password-encryption is the default, unless it's changed very
> recently.  With that set, enter a password for the vty lines, or another
> password.  Then do a "show running-config" and you'll see the password
> in clear text.  Next specify "service password-encryption" and you'll see
> the password preceded by a "7" and encrypted.
>
> Reverting to the "no" will not cause previously encrypted passwords to
> show in the clear again.
>
> Note that the enable secret is always encrypted, using a different and
> much stronger algorithm.
>
>
> --
> Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED]
> NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
> WestNet:  Connecting you to the planet.  805 884-6323
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


begin 666 Capture.txt
M" P#0IL:6YE('9T>2 P(#0-"B!P87-S=V]R9"!C:7-C;PT*(&QO
M9VEN#0HA#0IE;F0-"@T*7!T:6]N( T*7!T:6]N#0HA#0IH;W-T;F%M92!R;W5T97(-"B$-"F5N86)L92!S96-R970@
M-2 D,20R,%AD)' Q-%0V;G%K=5DU,6%S0C$Y2W9P3B\-"F5N86)L92!P87-S
M=V]R9" W(# P,#8Q0S T#0HA#0IN;R!I<"!R;W5T:6YG#0IN;R!I<"!D;VUA
M:6XM;&]O:W5P#0HA#0HA#0II;G1E" P#0IL:6YE('9T>2 P(#0-
M"B!P87-S=V]R9" W(# R,#4P1#0X,#@P.0T*(&QO9VEN#0HA#0IE;F0-"@T*
M7!T:6]N( T*7!T:6]N
M#0HA#0IH;W-T;F%M92!R;W5T97(-"B$-"F5N86)L92!S96-R970@-2 D,20R
M,%AD)' Q-%0V;G%K=5DU,6%S0C$Y2W9P3B\-"F5N86)L92!P87-S=V]R9" W
M(# P,#8Q0S T#0HA#0IN;R!I<"!R;W5T:6YG#0IN;R!I<"!D;VUA:6XM;&]O
M:W5P#0HA#0HA#0II;G1Ehttp://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet password

2000-09-07 Thread Leonard Ong 

Dear Marshal,

You were referring to a password line with '7' as the early part.
It's a enable secret which is ALWAYS encrypted wheather you specify
to use password-encryption or not.

To have an enable password that is not encrypted erase your enable secret
and use enable password instead.

Service-encryption only decode/encode vty/con password that begin with '5'

Thanks

Regards,
Leonard Ong, ST, CCNP R&S+Voice, CCDP R&S, CSE, SAIR&GNU LCP, MCP, BCP
   (Íõ¶°ºÀ) | [EMAIL PROTECTED]  -  Share Knowledge together!
| ICQ : 1041402 == http://www.poboxes.com/Leonard_Ong


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet password

2000-09-07 Thread Jay Hennigan 

On Thu, 7 Sep 2000, Marshal Schoener wrote:

> Thanks for the info...
> My only problem now is that, "no service password-encryption"
> doesn't seem to be doing anything.  I don't have a need for it, but I wanted
> to see it work :-)
> I'm doing it from global config mode!!!
> Do you guys know what the problem can be? 

No service password-encryption is the default, unless it's changed very
recently.  With that set, enter a password for the vty lines, or another 
password.  Then do a "show running-config" and you'll see the password 
in clear text.  Next specify "service password-encryption" and you'll see
the password preceded by a "7" and encrypted.  

Reverting to the "no" will not cause previously encrypted passwords to 
show in the clear again. 

Note that the enable secret is always encrypted, using a different and 
much stronger algorithm.


-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet password

2000-09-07 Thread Bryan Osoro 

no service password-encryption should make all passwords you configure after
that not be encrypted.  If you already have encrypted your passwords (with
Level 7 encryption) they will stay that way, but any passwords configured
after you put the command "no service password-encryption" in will go in
unencrypted.

Bryan Osoro

Marshal Schoener <[EMAIL PROTECTED]> wrote in message
D561FA4DFDF0D2119AA900104B1F46AE1AF37F@monster">news:D561FA4DFDF0D2119AA900104B1F46AE1AF37F@monster...
> Thanks for the info...
> My only problem now is that, "no service password-encryption"
> doesn't seem to be doing anything.  I don't have a need for it, but I
wanted
> to see it work :-)
> I'm doing it from global config mode!!!
> Do you guys know what the problem can be?
>
> Thanks
>
> -Original Message-
> From: Jay Hennigan [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 05, 2000 2:28 PM
> To: Marshal Schoener
> Cc: 'Dale Holmes'; [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: RE: Telnet password
>
>
> On Wed, 6 Sep 2000, Marshal Schoener wrote:
>
> > Thank you :-)
> > That is almost exactly what I am seeing.
> > Only difference is the password is: 7 a9vyt3...
> > 7 is in front...
> > So, that means it is encrypted.
> > If I want to change this, can I just go in and change it there, or
> > is there something else I have to do first?
>
> You can simply change it
>
> conf t
> line vty 0 4
> password WORD
>
> if you have service password-encryption enabled, then when you show run it
> will be encrypted.  When changing it, don't include the "7" ahead of the
> password, or the router will assume you're entering the encrypted string.
>
> Likewise, don't use a password that starts with "7" (or "5").
>
> The encryption is rather weak on all but the enable secret, btw.
>
> --- cut here ---
> #!/usr/local/bin/perl -w
> # $Id: ios7decrypt.pl,v 1.1 1998/01/11 21:31:12 mesrik Exp $
> #
> # Credits for orginal code and description [EMAIL PROTECTED],
> # SPHiXe, .mudge et al. and for John Bashinski <[EMAIL PROTECTED]>
> # for Cisco IOS password encryption facts.
> #
> # Use for any malice or illegal purposes strictly prohibited!
> #
>
> @xlat = ( 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41,
>   0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c,
>   0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53 , 0x55, 0x42 );
>
> while (<>) {
> if (/(password|md5)\s+7\s+([\da-f]+)/io) {
> if (!(length($2) & 1)) {
> $ep = $2; $dp = "";
> ($s, $e) = ($2 =~ /^(..)(.+)/o);
> for ($i = 0; $i < length($e); $i+=2) {
> $dp .= sprintf "%c",hex(substr($e,$i,2))^$xlat[$s++];
> }
> s/7\s+$ep/$dp/;
> }
> }
> print;
> }
> # eof
> --- cut here ---
>
> If you don't have a perl interpreter, e-mail me the string starting
> with "password 7" and I'll let you know the plaintext.
>
> --
> Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED]
> NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
> WestNet:  Connecting you to the planet.  805 884-6323
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet password

2000-09-07 Thread Marshal Schoener 

Thanks for the info...
My only problem now is that, "no service password-encryption"
doesn't seem to be doing anything.  I don't have a need for it, but I wanted
to see it work :-)
I'm doing it from global config mode!!!
Do you guys know what the problem can be? 

Thanks

-Original Message-
From: Jay Hennigan [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 05, 2000 2:28 PM
To: Marshal Schoener
Cc: 'Dale Holmes'; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Telnet password


On Wed, 6 Sep 2000, Marshal Schoener wrote:

> Thank you :-)
> That is almost exactly what I am seeing.
> Only difference is the password is: 7 a9vyt3...
> 7 is in front...
> So, that means it is encrypted.
> If I want to change this, can I just go in and change it there, or 
> is there something else I have to do first?

You can simply change it

conf t
line vty 0 4
password WORD

if you have service password-encryption enabled, then when you show run it
will be encrypted.  When changing it, don't include the "7" ahead of the 
password, or the router will assume you're entering the encrypted string.  

Likewise, don't use a password that starts with "7" (or "5").

The encryption is rather weak on all but the enable secret, btw.  

--- cut here ---
#!/usr/local/bin/perl -w
# $Id: ios7decrypt.pl,v 1.1 1998/01/11 21:31:12 mesrik Exp $
#
# Credits for orginal code and description [EMAIL PROTECTED],
# SPHiXe, .mudge et al. and for John Bashinski <[EMAIL PROTECTED]>
# for Cisco IOS password encryption facts.
#
# Use for any malice or illegal purposes strictly prohibited!
#
 
@xlat = ( 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41,
  0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c,
  0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53 , 0x55, 0x42 );

while (<>) {
if (/(password|md5)\s+7\s+([\da-f]+)/io) {
if (!(length($2) & 1)) {
$ep = $2; $dp = "";
($s, $e) = ($2 =~ /^(..)(.+)/o);
for ($i = 0; $i < length($e); $i+=2) {
$dp .= sprintf "%c",hex(substr($e,$i,2))^$xlat[$s++];
}
s/7\s+$ep/$dp/;
}
}
print;
}
# eof
--- cut here ---

If you don't have a perl interpreter, e-mail me the string starting
with "password 7" and I'll let you know the plaintext.

-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet password

2000-09-05 Thread Jay Hennigan 

On Tue, 5 Sep 2000, Dale Holmes wrote:

> Then you are done... Note that you will not be able to determine what the 
> new password is from reading the config... If you want to be able to see the 
> password in the config file in plain text (and I have NO IDEA why you would 
> want this), use the "no service password-encryption" command from global 
> config mode...

Note that this won't work to display a password that has previously been
encrypted.  In other words, if "service password-encryption" was enabled 
when the configuration containing the password was saved, then going back
later and entering "no service password-encryption" won't cause it to 
display.  

See the perl script I posted previously if you really need to do this.

-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet password

2000-09-05 Thread Jay Hennigan 

On Wed, 6 Sep 2000, Marshal Schoener wrote:

> Thank you :-)
> That is almost exactly what I am seeing.
> Only difference is the password is: 7 a9vyt3...
> 7 is in front...
> So, that means it is encrypted.
> If I want to change this, can I just go in and change it there, or 
> is there something else I have to do first?

You can simply change it

conf t
line vty 0 4
password WORD

if you have service password-encryption enabled, then when you show run it
will be encrypted.  When changing it, don't include the "7" ahead of the 
password, or the router will assume you're entering the encrypted string.  

Likewise, don't use a password that starts with "7" (or "5").

The encryption is rather weak on all but the enable secret, btw.  

--- cut here ---
#!/usr/local/bin/perl -w
# $Id: ios7decrypt.pl,v 1.1 1998/01/11 21:31:12 mesrik Exp $
#
# Credits for orginal code and description [EMAIL PROTECTED],
# SPHiXe, .mudge et al. and for John Bashinski <[EMAIL PROTECTED]>
# for Cisco IOS password encryption facts.
#
# Use for any malice or illegal purposes strictly prohibited!
#
 
@xlat = ( 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41,
  0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c,
  0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53 , 0x55, 0x42 );

while (<>) {
if (/(password|md5)\s+7\s+([\da-f]+)/io) {
if (!(length($2) & 1)) {
$ep = $2; $dp = "";
($s, $e) = ($2 =~ /^(..)(.+)/o);
for ($i = 0; $i < length($e); $i+=2) {
$dp .= sprintf "%c",hex(substr($e,$i,2))^$xlat[$s++];
}
s/7\s+$ep/$dp/;
}
}
print;
}
# eof
--- cut here ---

If you don't have a perl interpreter, e-mail me the string starting
with "password 7" and I'll let you know the plaintext.

-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet password

2000-09-05 Thread Daniel Cotts 

You can just change the password. Because you have "service
password-encryption" in your config the new password will be encrypted also.
For fun you can do a "no service password-encryption", then change the
password. You will see the new password in plain text in the config. Then,
if you wish, go back to password encryption.

> -Original Message-
> From: Marshal Schoener [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 05, 2000 3:42 PM
> To: 'Dale Holmes'; [EMAIL PROTECTED]; Marshal Schoener;
> [EMAIL PROTECTED]
> Subject: RE: Telnet password
> 
> 
> Thank you :-)
> That is almost exactly what I am seeing.
> Only difference is the password is: 7 a9vyt3...
> 7 is in front...
> So, that means it is encrypted.
> If I want to change this, can I just go in and change it there, or 
> is there something else I have to do first?
> Thanks a million.
> 
> -Original Message-
> From: Dale Holmes [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 05, 2000 1:39 PM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; 
> [EMAIL PROTECTED]
> Subject: Re: Telnet password
> 
> 
> Eh?
> 
> No, I meant is the "service password-encryption" configured 
> on the router? 
> If so, then the password will not be written in plain text in 
> the router 
> config file... so if you use a command like:
> 
> show running-config
> 
> You might see something like:
> 
> line vty 0 4
> password a9vyt3$l3 7
> login
> 
> In this case, the password is encrypted. The actual password is not 
> "a9vyt3$l3". Typing that string in when prompted for a 
> password will not log
> 
> you into the router. That's what I am saying (and I thought 
> that's what the 
> original poster was seeing).
> 
> What traverses the wire is of course not encrypted, unless 
> you make it so by
> 
> some other means not described here...
> 
> Dale
> [=`)
> 
> >From: "jh" <[EMAIL PROTECTED]>
> >To: "Dale Holmes" <[EMAIL PROTECTED]>, 
> <[EMAIL PROTECTED]>, 
> ><[EMAIL PROTECTED]>
> >Subject: Re: Telnet password
> >Date: Tue, 5 Sep 2000 17:14:28 -0400
> >
> >The telnet session as a whole, password,communication is not 
> encrypted. It
> >is very easily sniffed.
> >
> >  How is goes across the wire and how it is stored are two 
> different items.
> >
> >
> >- Original Message -
> >From: "Dale Holmes" <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> >Sent: Tuesday, September 05, 2000 1:14 PM
> >Subject: Re: Telnet password
> >
> >
> > > Is the password encrypted? If so, the then what you see 
> in the config is
> >the
> > > encrypted password, not the password itself...
> > >
> > > Dale
> > > [=`)
> > >
> > > >From: Marshal Schoener <[EMAIL PROTECTED]>
> > > >Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
> > > >To: [EMAIL PROTECTED]
> > > >Subject: Telnet password
> > > >Date: Wed, 6 Sep 2000 00:06:00 +0800
> > > >
> > > >I'm telnetting into a router using a password that I can't find 
> >anywhere
> > > >:-)
> > > >
> > > >I look at the running-config, and see 'line vty 0 4'
> > > >password (password)...
> > > >login
> > > >
> > > >However, this isn't the password that I use to telnet in, and it 
> >doesn't
> > > >work if
> > > >I try it!!!  Can anyone help me to understand this :-)
> > > >I would like to change the password used to telnet in, 
> but I just can't
> > > >figure
> > > >this out...
> > > >Thanks a million in advance.
> > > >
> > > >
> > > >___
> > > >UPDATED Posting Guidelines: 
> http://www.groupstudy.com/list/guide.html
> > > >FAQ, list 
> archives, and subscription info: http://www.groupstudy.com
> > > >Report misconduct and Nondisclosure violations to 
> [EMAIL PROTECTED]
> > >
> > > 
> >_

> 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet password

2000-09-05 Thread Dale Holmes 

Login to the router
Enter Priveleged mode
Enter config mode
Enter Line config mode
Change the password

EX:
password:***
Router>enable
password: *
Router#config term
Router(config)#line vty 0 4
Router(config-line)#password whatever
Ctrl-Z
Router#copy runn start

Then you are done... Note that you will not be able to determine what the 
new password is from reading the config... If you want to be able to see the 
password in the config file in plain text (and I have NO IDEA why you would 
want this), use the "no service password-encryption" command from global 
config mode...

Dale
[=`)



>From: Marshal Schoener <[EMAIL PROTECTED]>
>Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
>To: "'Dale Holmes'" <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
>Marshal Schoener <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>Subject: RE: Telnet password
>Date: Wed, 6 Sep 2000 04:41:32 +0800
>
>Thank you :-)
>That is almost exactly what I am seeing.
>Only difference is the password is: 7 a9vyt3...
>7 is in front...
>So, that means it is encrypted.
>If I want to change this, can I just go in and change it there, or
>is there something else I have to do first?
>Thanks a million.
>
>-Original Message-
>From: Dale Holmes [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, September 05, 2000 1:39 PM
>To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
>Subject: Re: Telnet password
>
>
>Eh?
>
>No, I meant is the "service password-encryption" configured on the router?
>If so, then the password will not be written in plain text in the router
>config file... so if you use a command like:
>
>show running-config
>
>You might see something like:
>
>line vty 0 4
>password a9vyt3$l3 7
>login
>
>In this case, the password is encrypted. The actual password is not
>"a9vyt3$l3". Typing that string in when prompted for a password will not 
>log
>
>you into the router. That's what I am saying (and I thought that's what the
>original poster was seeing).
>
>What traverses the wire is of course not encrypted, unless you make it so 
>by
>
>some other means not described here...
>
>Dale
>[=`)
>
> >From: "jh" <[EMAIL PROTECTED]>
> >To: "Dale Holmes" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>,
> ><[EMAIL PROTECTED]>
> >Subject: Re: Telnet password
> >Date: Tue, 5 Sep 2000 17:14:28 -0400
> >
> >The telnet session as a whole, password,communication is not encrypted. 
>It
> >is very easily sniffed.
> >
> >  How is goes across the wire and how it is stored are two different 
>items.
> >
> >
> >- Original Message -
> >From: "Dale Holmes" <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> >Sent: Tuesday, September 05, 2000 1:14 PM
> >Subject: Re: Telnet password
> >
> >
> > > Is the password encrypted? If so, the then what you see in the config 
>is
> >the
> > > encrypted password, not the password itself...
> > >
> > > Dale
> > > [=`)
> > >
> > > >From: Marshal Schoener <[EMAIL PROTECTED]>
> > > >Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
> > > >To: [EMAIL PROTECTED]
> > > >Subject: Telnet password
> > > >Date: Wed, 6 Sep 2000 00:06:00 +0800
> > > >
> > > >I'm telnetting into a router using a password that I can't find
> >anywhere
> > > >:-)
> > > >
> > > >I look at the running-config, and see 'line vty 0 4'
> > > >password (password)...
> > > >login
> > > >
> > > >However, this isn't the password that I use to telnet in, and it
> >doesn't
> > > >work if
> > > >I try it!!!  Can anyone help me to understand this :-)
> > > >I would like to change the password used to telnet in, but I just 
>can't
> > > >figure
> > > >this out...
> > > >Thanks a million in advance.
> > > >
> > > >
> > > >___
> > > >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > >FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > >Report misconduct and Nondisclosure violations to 
>[EMAIL PROTECTED]
> > >
> > >
> >_
> > > Get Your Private, Free E-mail from MSN Hotmail at
>

RE: Telnet password

2000-09-05 Thread Marshal Schoener 

Thank you :-)
That is almost exactly what I am seeing.
Only difference is the password is: 7 a9vyt3...
7 is in front...
So, that means it is encrypted.
If I want to change this, can I just go in and change it there, or 
is there something else I have to do first?
Thanks a million.

-Original Message-
From: Dale Holmes [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 05, 2000 1:39 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Telnet password


Eh?

No, I meant is the "service password-encryption" configured on the router? 
If so, then the password will not be written in plain text in the router 
config file... so if you use a command like:

show running-config

You might see something like:

line vty 0 4
password a9vyt3$l3 7
login

In this case, the password is encrypted. The actual password is not 
"a9vyt3$l3". Typing that string in when prompted for a password will not log

you into the router. That's what I am saying (and I thought that's what the 
original poster was seeing).

What traverses the wire is of course not encrypted, unless you make it so by

some other means not described here...

Dale
[=`)

>From: "jh" <[EMAIL PROTECTED]>
>To: "Dale Holmes" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>, 
><[EMAIL PROTECTED]>
>Subject: Re: Telnet password
>Date: Tue, 5 Sep 2000 17:14:28 -0400
>
>The telnet session as a whole, password,communication is not encrypted. It
>is very easily sniffed.
>
>  How is goes across the wire and how it is stored are two different items.
>
>
>- Original Message -
>From: "Dale Holmes" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>Sent: Tuesday, September 05, 2000 1:14 PM
>Subject: Re: Telnet password
>
>
> > Is the password encrypted? If so, the then what you see in the config is
>the
> > encrypted password, not the password itself...
> >
> > Dale
> > [=`)
> >
> > >From: Marshal Schoener <[EMAIL PROTECTED]>
> > >Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
> > >To: [EMAIL PROTECTED]
> > >Subject: Telnet password
> > >Date: Wed, 6 Sep 2000 00:06:00 +0800
> > >
> > >I'm telnetting into a router using a password that I can't find 
>anywhere
> > >:-)
> > >
> > >I look at the running-config, and see 'line vty 0 4'
> > >password (password)...
> > >login
> > >
> > >However, this isn't the password that I use to telnet in, and it 
>doesn't
> > >work if
> > >I try it!!!  Can anyone help me to understand this :-)
> > >I would like to change the password used to telnet in, but I just can't
> > >figure
> > >this out...
> > >Thanks a million in advance.
> > >
> > >
> > >___
> > >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > >FAQ, list archives, and subscription info: http://www.groupstudy.com
> > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> > 
>_
> > Get Your Private, Free E-mail from MSN Hotmail at 
>http://www.hotmail.com.
> >
> > Share information about yourself, create your own public profile at
> > http://profiles.msn.com.
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet password

2000-09-05 Thread Dale Holmes 

Eh?

No, I meant is the "service password-encryption" configured on the router? 
If so, then the password will not be written in plain text in the router 
config file... so if you use a command like:

show running-config

You might see something like:

line vty 0 4
password a9vyt3$l3 7
login

In this case, the password is encrypted. The actual password is not 
"a9vyt3$l3". Typing that string in when prompted for a password will not log 
you into the router. That's what I am saying (and I thought that's what the 
original poster was seeing).

What traverses the wire is of course not encrypted, unless you make it so by 
some other means not described here...

Dale
[=`)

>From: "jh" <[EMAIL PROTECTED]>
>To: "Dale Holmes" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>, 
><[EMAIL PROTECTED]>
>Subject: Re: Telnet password
>Date: Tue, 5 Sep 2000 17:14:28 -0400
>
>The telnet session as a whole, password,communication is not encrypted. It
>is very easily sniffed.
>
>  How is goes across the wire and how it is stored are two different items.
>
>
>- Original Message -
>From: "Dale Holmes" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>Sent: Tuesday, September 05, 2000 1:14 PM
>Subject: Re: Telnet password
>
>
> > Is the password encrypted? If so, the then what you see in the config is
>the
> > encrypted password, not the password itself...
> >
> > Dale
> > [=`)
> >
> > >From: Marshal Schoener <[EMAIL PROTECTED]>
> > >Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
> > >To: [EMAIL PROTECTED]
> > >Subject: Telnet password
> > >Date: Wed, 6 Sep 2000 00:06:00 +0800
> > >
> > >I'm telnetting into a router using a password that I can't find 
>anywhere
> > >:-)
> > >
> > >I look at the running-config, and see 'line vty 0 4'
> > >password (password)...
> > >login
> > >
> > >However, this isn't the password that I use to telnet in, and it 
>doesn't
> > >work if
> > >I try it!!!  Can anyone help me to understand this :-)
> > >I would like to change the password used to telnet in, but I just can't
> > >figure
> > >this out...
> > >Thanks a million in advance.
> > >
> > >
> > >___
> > >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > >FAQ, list archives, and subscription info: http://www.groupstudy.com
> > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> > 
>_
> > Get Your Private, Free E-mail from MSN Hotmail at 
>http://www.hotmail.com.
> >
> > Share information about yourself, create your own public profile at
> > http://profiles.msn.com.
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet password

2000-09-05 Thread Dale Holmes 

Eh?

No, I meant is the "service password-encryption" configured on the router? 
If so, then the password will not be written in plain text in the router 
config file... so if you use a command like:

show running-config

You might see something like:

line vty 0 4
password a9vyt3$l3 7
login

In this case, the password is encrypted. The actual password is not 
"a9vyt3$l3". Typing that string in when prompted for a password will not log 
you into the router. That's what I am saying (and I thought that's what the 
original poster was seeing).

What traverses the wire is of course not encrypted, unless you make it so by 
some other means not described here...

Dale
[=`)

>From: "jh" <[EMAIL PROTECTED]>
>To: "Dale Holmes" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>, 
><[EMAIL PROTECTED]>
>Subject: Re: Telnet password
>Date: Tue, 5 Sep 2000 17:14:28 -0400
>
>The telnet session as a whole, password,communication is not encrypted. It
>is very easily sniffed.
>
>  How is goes across the wire and how it is stored are two different items.
>
>
>- Original Message -
>From: "Dale Holmes" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>Sent: Tuesday, September 05, 2000 1:14 PM
>Subject: Re: Telnet password
>
>
> > Is the password encrypted? If so, the then what you see in the config is
>the
> > encrypted password, not the password itself...
> >
> > Dale
> > [=`)
> >
> > >From: Marshal Schoener <[EMAIL PROTECTED]>
> > >Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
> > >To: [EMAIL PROTECTED]
> > >Subject: Telnet password
> > >Date: Wed, 6 Sep 2000 00:06:00 +0800
> > >
> > >I'm telnetting into a router using a password that I can't find 
>anywhere
> > >:-)
> > >
> > >I look at the running-config, and see 'line vty 0 4'
> > >password (password)...
> > >login
> > >
> > >However, this isn't the password that I use to telnet in, and it 
>doesn't
> > >work if
> > >I try it!!!  Can anyone help me to understand this :-)
> > >I would like to change the password used to telnet in, but I just can't
> > >figure
> > >this out...
> > >Thanks a million in advance.
> > >
> > >
> > >___
> > >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > >FAQ, list archives, and subscription info: http://www.groupstudy.com
> > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> > 
>_
> > Get Your Private, Free E-mail from MSN Hotmail at 
>http://www.hotmail.com.
> >
> > Share information about yourself, create your own public profile at
> > http://profiles.msn.com.
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet password

2000-09-05 Thread jh 

The telnet session as a whole, password,communication is not encrypted. It
is very easily sniffed.

 How is goes across the wire and how it is stored are two different items.


- Original Message -
From: "Dale Holmes" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, September 05, 2000 1:14 PM
Subject: Re: Telnet password


> Is the password encrypted? If so, the then what you see in the config is
the
> encrypted password, not the password itself...
>
> Dale
> [=`)
>
> >From: Marshal Schoener <[EMAIL PROTECTED]>
> >Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
> >To: [EMAIL PROTECTED]
> >Subject: Telnet password
> >Date: Wed, 6 Sep 2000 00:06:00 +0800
> >
> >I'm telnetting into a router using a password that I can't find anywhere
> >:-)
> >
> >I look at the running-config, and see 'line vty 0 4'
> >password (password)...
> >login
> >
> >However, this isn't the password that I use to telnet in, and it doesn't
> >work if
> >I try it!!!  Can anyone help me to understand this :-)
> >I would like to change the password used to telnet in, but I just can't
> >figure
> >this out...
> >Thanks a million in advance.
> >
> >
> >___
> >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >FAQ, list archives, and subscription info: http://www.groupstudy.com
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> _
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet password

2000-09-05 Thread Dale Holmes 

Is the password encrypted? If so, the then what you see in the config is the 
encrypted password, not the password itself...

Dale
[=`)

>From: Marshal Schoener <[EMAIL PROTECTED]>
>Reply-To: Marshal Schoener <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Telnet password
>Date: Wed, 6 Sep 2000 00:06:00 +0800
>
>I'm telnetting into a router using a password that I can't find anywhere 
>:-)
>
>I look at the running-config, and see 'line vty 0 4'
>password (password)...
>login
>
>However, this isn't the password that I use to telnet in, and it doesn't
>work if
>I try it!!!  Can anyone help me to understand this :-)
>I would like to change the password used to telnet in, but I just can't
>figure
>this out...
>Thanks a million in advance.
>
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]