Service Manual
Enable the obscuring of passwords and keys, including RADIUS, TACACS+ keys, router authentication
strings, VRRP authentication, use the service obscure-passwords command.
Defaults Disabled.
Command Modes CONFIGURATION
Command
History
This guide is platform-specific. For command information about other platforms, refer to the relevant Dell
Networking OS Command Line Reference Guide.
The following is a list of the Dell Networking OS version history for this command.
Version Description
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000-ON.
9.6(0.0) Introduced on the S4810, S4820T, S5000, S6000, Z9000, Z9500, MXL
Usage
Information
By default, the service password-encryption command stores encrypted passwords. For greater
security, you can also use the service obscure-passwords command to prevent a user from
reading the passwords and keys, including RADIUS, TACACS+ keys, router authentication strings, VRRP
authentication by obscuring this information. Passwords and keys are stored encrypted in the
configuration file and by default are displayed in the encrypted form when the configuration is displayed.
Enabling theservice obscure-passwords command displays asterisks instead of the encrypted
passwords and keys. This command prevents a user from reading these passwords and keys by obscuring
this information with asterisks.
Password obscuring masks the password and keys for display only but does not change the contents of
the file. The string of asterisks is the same length as the encrypted string for that line of configuration. To
verify that you have successfully obscured passwords and keys, use the show running-config
command orshow startup-config command.
If you are using role-based access control (RBAC), only the system administrator and security
administrator roles can enable the service obscure-password command.
Related
Commands
show running-config— Display the current configuration and display changes from the default values.
service password-encryption— Encrypts all passwords configured in the system.
Authentication and Password Commands
To manage access to the system, use the following the commands.
aaa authentication enable
Configure AAA Authentication method lists for user access to EXEC privilege mode (the “Enable” access).
Syntax
aaa authentication enable {default | method-list-name} method [... method2]
To return to the default setting, use the no aaa authentication enable {default |
method-list-name} method [... method2] command.
Parameters
default Enter the keyword default then the authentication methods to use as the default
sequence of methods for the Enable login. The default is default enable.
method-list-
name
Enter a text string (up to 16 characters long) to name the list of enabled
authentication methods activated at login.
method
Enter one of the following methods:
1258 Security