Password Config: Answer
Here’s the letter answer and explanation for last week’s CCENT passwords question, below the fold as usual to hide the answer. Follow up as needed. Thanks!
This question hinges on two key points. First, switches (and routers) never display the actual enable secret password in the output of the show running-config command, instead listing the MD5 hash of the password, with an encryption or encoding type of 5.
Second, the service password-encryption global configuration command tells the switch to hide the passwords that would otherwise be visible in clear-text in the output of the show running-config command. These passwords include:
- Those defined with the password command in vty and console modes
- Those defined with the username command
- The password defined by the enable password command
The following example lists the output of the show running-config command on SW1 from this question, showing only the lines with the relevant passwords.