cancel
Showing results for 
Search instead for 
Did you mean: 

sha256 encrypted username password

michael_payne_4
New Contributor II
What is the username password encryption strength number to indicate encrypted password is sha256?  For example, md5 encryption strength number is 8 (username joe password 8 ).
8 REPLIES 8

jijo_panangat
RUCKUS Team Member
Hello Michael,

On Fastiron software releases, the user account encrypted password uses MD5 encryption type.
You can also configure the password encryption service to encrypt the passwords with different types of encryption, such as SHA1 and SHA256, using the service password-encryption command.

ICX(config)#service password-encryption sha256
Warning: Moving to higher password-encryption type, Do you want to continue(y/n)? (enter 'y' or 'n'):y

If the password encryption service type is changed, only the users whose password encryption method matches the newly configured encryption method are allowed to log in. Apart from password encryption, all activities after creating the user account, such as logging in, modifying the local user account, and so on are bound by the configured password encryption service type.

The password encryption methods can be reverted to the default MD5 encryption type by using the no form of the service password-encryption { sha1 | sha256 } command.


Hope that helps


Thanks
Jijo 

michael_payne_4
New Contributor II
Hi Jijo, thanks for the reply.  I am aware of the command to change the encryption strength.  What I need is the encryption strength number, which indicates the encrypted password is SHA256 vice MD5 in the username command.

MD5:
username password 8
(In the command above the 8 indicates to the software that the following encrypted string was created using MD5 encryption type.)


SHA256:
username password
 
Thanks,

Michael

jijo_panangat
RUCKUS Team Member
Thanks Michael,

Currently, Cli doesn't offer an option of encryption strength number, it asks for clear text password and gets encrypted to MD5 by default once u configure it.

7450(config)#username ruckus password
  ASCII string   The UNENCRYPTED (cleartext) user password

7450(config)#username ruckus password ruckus123
7450(config)#show run | i user
username ruckus password .....

Hope that clarifies

Thanks
Jijo 

nbctcp
New Contributor III

ASK
1. how come after issuing
#service password-encryption sha256
my existing or new user password still the same starting with $1$
admin $1$T.pIm.tN$w9gN4CwCqi4ZArkg7kmE70 enabled 0 enabled Never
user1 $1$Pqq4SkHZ$IAGeOmAFX7J3PjJlkv91Q/ enabled 5 enabled Never

2. is that possible user with lower priviledge can't see other users hash password
tq