Have you ever tried to remember what that secret key was that you configured for a RADIUS server? What about trying to find out the encryption key?
By default we will hide the sensitive information from view, like this:
Code:
(Greig) #show wlan ssid-profile default | include Key
WEP Key 1 ********
WEP Key 2 N/A
WEP Key 3 N/A
WEP Key 4 N/A
WEP Transmit Key Index 1
(Greig) #
Well, this weeks command of the week is "encrypt disable" that will let you view all of the sensitive information stored in the system. You configure it like so:
Code:
(Greig) #configure t
Enter Configuration commands, one per line. End with CNTL/Z
(Greig) (config) #encrypt disable
(Greig) #
And now you can see what that key was:
Code:
(Greig) #show wlan ssid-profile default | include Key
WEP Key 1 12345678901234567890123456
WEP Key 2 N/A
WEP Key 3 N/A
WEP Key 4 N/A
WEP Transmit Key Index 1
(Greig) #
This currently works for ALL sensitive information stored and shown by the switch. You can also use this command to get yourself a copy of the running configuration without having hashed passwords.
Note- for all of the security sensitive people out there who don't like this, it will be different in 3.2. All of the passwords that we can hash and turn into a one-way hash representative, will from 3.2 be stored internally as the one-way hash. There are certain passwords however that we need to have access to in plaintext and so it will not be for all secrets.
