[c-nsp] TACACS "emergency" password management
Lee
ler762 at gmail.com
Mon Nov 1 15:48:01 EDT 2010
On 11/1/10, Saxon Jones <saxon.jones at gmail.com> wrote:
..snip..
>
> We use randomly generated passwords that are unique for every device
> in our environment, so could be a PITA when we have to change
> passwords but I've got that process scripted so it's only half bad.
> It's the testing that's time consuming, though maybe there's a way to
> test that the enable secret works when TACACS+ is still available,
Use john the ripper to check the password. Create a one line wordlist
with the clear-text password & give john the encrypted password from
the config
Lee
More information about the cisco-nsp
mailing list