[nsp] cisco password hash problems?
Nick Kraal
nick at arc.net.my
Mon Apr 12 20:03:44 EDT 2004
This happened also on a couple of 7507s running (RSP-K91PV-M), Version
12.2(18)S4, RELEASE SOFTWARE (fc1).
-nick/
----- Original Message -----
From: "John Osmon" <josmon at rigozsaurus.com>
To: <cisco-nsp at puck.nether.net>
Sent: Tuesday, April 13, 2004 6:53 AM
Subject: [nsp] cisco password hash problems?
> I recently started running c7200-k91p-mz.122-18.S4.bin on a 7206.
> Once booted, I wasn't able to login with a one of the locally defined
> usernames. Resetting the password fixed things, but the fact that it
> happened at all annoyed me.
>
> With a little experimentation, I finally found out that the particular
> hash that I had was the problem.
> - It works fine in the older IOS version, but always fails with the
newer.
> - I created a new hash by using the same password on the older IOS,
> and had no problem when booting the new IOS
> - I created a new hash with the same password using the newer IOS
> and was able to login with either IOS version booted
>
> It's gotten me spooked enough that our new template for upgrading
> routers (especially remote ones) has a couple of new steps at the
> beginning:
> - no service password-encryption
> - username yyy password <new password>
> - write
>
> Once the upgrade is done, we'll add back 'service password-encryption'.
>
> Has anyone else experienced this problem? IOS details and the password
> hash are available to any of the Cisco folks that want to disect
> things...
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list