Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Are the passwords in ScreenOS hashed or encrypted?

0

0

Article ID: KB4950 KB Last Updated: 07 Oct 2008Version: 2.0
Summary:
Are the passwords in ScreenOS hashed or encrypted?
Symptoms:
encypted passwords Authentication User PPPoE NTP hash-password
Solution:

User passwords in ScreenOS 5.0.0 and higher (as well as 4.0.3 and higher) use irreversible SHA-1 hash.

Example:
set user "u1" hash-password "026N5uYMZC0GWWENS5wHyVC2Ki184wI/fKFH4="

Note: The hashed password is different each time the password is set (even if the same password is set).

 

PPPoE and NTP passwords in ScreenOS 5.0.0 and higher use AES reversible encryption.

Example: From the CLI, if you enter the command "set pppoe user u1 password u1", the password will be converted to the following:

set pppoe name "untrust" username "u1" password "0hAETE8aNfRiCVsTOwCjfo/SyAnYNtmaKg=="

Note: The encrypted password length depends on the length of the original clear text password. The encrypted password is different each time the password is set (even if the same password is set).


Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search