Administrator Guide
passwords and keys, including RADIUS, TACACS+ keys, router authentication strings, VRRP authentication by
obscuring this information. Passwords and keys are stored encrypted in the configuration file and by default are
displayed in the encrypted form when the configuration is displayed. Enabling the service obscure-
passwords command displays asterisks instead of the encrypted passwords and keys. This command prevents
a user from reading these passwords and keys by obscuring this information with asterisks.
Password obscuring masks the password and keys for display only but does not change the contents of the file.
The string of asterisks is the same length as the encrypted string for that line of configuration. To verify that you
have successfully obscured passwords and keys, use the
show running-config command or show
startup-config command.
If you are using role-based access control (RBAC), only the system administrator and security administrator roles
can enable the
service obscure-password command.
Related
Commands
• show running-config — Display the current configuration and display changes from the default values.
• service password-encryption— Encrypts all passwords configured in the system.
service password-encryption
Encrypt all passwords configured in the system.
C9000 Series
Syntax
service password-encryption
To store new passwords as clear text, use the no service password-encryption command.
Defaults Enabled.
Command Modes CONFIGURATION
Command History
This guide is platform-specific. For command information about other platforms, refer to the relevant Dell
Networking OS Command Line Reference Guide.
The following is a list of the Dell Networking OS version history for this command.
Version Description
9.9(0.0) Introduced on the C9010.
9.2(1.0) Introduced on the Z9500.
8.3.19.0 Introduced on the S4820T.
8.3.11.1 Introduced on the Z9000.
8.3.7.0 Introduced on the S4810.
7.6.1.0 Introduced on the S-Series.
7.5.1.0 Introduced on the C-Series.
6.1.1.0 Introduced on the E-Series.
Usage Information
CAUTION: Encrypting passwords with this command does not provide a high level of security.
When the passwords are encrypted, you cannot return them to plain text unless you re-configure
them. To remove an encrypted password, use the no password password command.
To keep unauthorized people from viewing passwords in the switch configuration file, use the service
password-encryption command. This command encrypts the clear-text passwords created for user name
passwords, authentication key passwords, the privileged command password, and console and virtual terminal line
access passwords.
To view passwords, use the show running-config command.
Security 1465