secret
To configure an encrypted or clear-text password for the user, use the secret command in username configuration mode or line template configuration mode. To remove this configuration, use the no form of this command.
secret [ 0 [ enc-type enc-type-value ] |5|8|9|10 ] secret-login
no secret
Syntax Description
0 | (Optional) Specifies that an unencrypted (clear-text) password follows. The password will be encrypted for storage in the configuration using an MD5 encryption algorithm. Otherwise, the password is not encrypted. | ||
5 |
Specifies that an encrypted MD5 password (secret) follows. |
||
8 |
(Optional) Specifies that SHA256-encrypted password follows. |
||
9 |
(Optional) Specifies that scrypt-encrypted password follows. |
||
10 |
(Optional) Specifies that SHA512-encrypted password follows. |
||
secret-login |
Text string in alphanumeric characters that is stored as the MD5-encrypted password entered by the user in association with the user’s login ID.
|
||
enc-type |
(Optional) Configures the encryption type for a password entered in clear text. |
||
enc-type-value |
Specifies the encryption type to be used. |
Command Default
No password is specified.
Command Modes
Username configuration
Line template configuration
Command History
Release | Modification |
---|---|
6.5.33 |
This command was introduced. |
Usage Guidelines
Secrets are one-way encrypted and should be used for login activities that do not require a decryptable secret.
Task ID
Task ID | Operation |
---|---|
aaa |
read, write |
Examples
The following example shows how to establish the clear-text secret “lab” for the user user2 :
RP/0/RP0/CPU0:ios(config)#username cisco
RP/0/RP0/CPU0:ios(config-un)#secret ?
RP/0/RP0/CPU0:ios(config-un)#secret 9
$9$q8j4v/mf1SOg5v$nGAhRkf0ek3wSYjDG/VKhwp2znPaWusuZtkx9Z1sM