Controller-less WLANs

Hashed Management Password for Instant Access Points

Aruba Employee
Requirement:

As of today, passwords of management users are stored on IAP in reversible encryption format. Management password can be seen in plain text in running configuration using show running-configuration no-encrypt. Hence for the same reason WLAN admin wish to have something more secure than an encrypted format.



Solution:

Starting Instant version 4.3, WLAN admin can enforce hashing of management user's passwords. A hashed password is more secure than an encrypted password the reason being, encrypted password can be decrypted back but hashed password cannot be reversed back to original text.



Configuration:

Hash-mgmt-password is optional for users who upgrade to 4.3. If hash-mgmt-password is not enabled after upgrading to 4.3, management passwords are stored and displayed as it was before. Hash-mgmt-password is enabled by default.

CLI Configuration:

 

 

Web UI Configuration:

 

System -> Admin -> Hashed Management Password

 



Verification

Executing "show mgmt-user" will show if the Hash Management Password is enabled or not.

 

 

Version history
Revision #:
2 of 2
Last update:
‎04-23-2017 10:26 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.