This post is more than 5 years old
5 Posts
0
19456
June 12th, 2015 12:00
Encryption for RADIUS key?
On the N-Series switches, the radius key is, by default, shown in plaintext in the configuration file.
There's an option via CLI to specify an encrypted value, but it says the parameter length should be exactly 256 characters. The CLI documentation doesn't specify any further about the encryption type or how to pre-encrypt the password.
I tried "SHA256-ing" my key but this only outputs 64 hex (256 bits). When it tells me 256 characters, I'm assuming that this means 256 hex (i.e. 1024 bits)? I don't know how to generate this value from my key... any guidance?
Thanks!
No Events found!
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.5K Points
0
June 26th, 2015 14:00
This is something that we are going to need to release a new firmware version to resolve. So for now unencrypted is the only option.
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.5K Points
0
June 12th, 2015 16:00
Hi,
If you use your unencrypted string with the key encrypted command does it show the same key when you do show-running config?
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.5K Points
0
June 15th, 2015 14:00
What version is the switch firmware at?
charlieosborne
5 Posts
0
June 15th, 2015 14:00
Hi Josh,
Thanks for getting back!
Unfortunately I can't even input the unencrypted key -- if you enter any value less than 256 characters it throws an error that the key must be exactly 256 characters.
Any ideas?
Thanks,
Charlie
charlieosborne
5 Posts
0
June 15th, 2015 16:00
Firmware is at 6.2.1.6 (and the issue was also occurring on 6.0.1.3)
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.5K Points
0
June 17th, 2015 11:00
I am still looking into this.
charlieosborne
5 Posts
0
June 26th, 2015 16:00
Hi Josh, thank for looking into this and following up. We'll look for this feature in the future.
Thanks again,
Charlie