Displaying the authentication string – Brocade BigIron RX Series Configuration Guide User Manual

Page 931

background image

BigIron RX Series Configuration Guide

853

53-1002484-04

Configuring BGP4 neighbors

27

Notice that the software has converted the commands that specify an authentication string into
the new syntax (described below), and has encrypted display of the authentication strings.

Syntax: [no] neighbor <ip-addr> |<peer-group-name> password [0 | 1] <string>

The <ip-addr> | <peer-group-name> parameter indicates whether you are configuring an individual
neighbor or a peer group. If you specify a neighbor’s IP address, you are configuring that individual
neighbor. If you specify a peer group name, you are configuring a peer group.

The password <string> parameter specifies an MD5 authentication string for securing sessions
between the device and the neighbor. You can enter a string up to 80 characters long. The string
can contain any alphanumeric characters, but the first character cannot be a number. If the
password contains a number, do not enter a space following the number.

The 0 | 1 parameter is the encryption option, which you can omit (the default) or which can be one
of the following:

0 – Disables encryption for the authentication string you specify with the command. The
password or string is shown as clear text in the output of commands that display neighbor or
peer group configuration information.

1 – Assumes that the authentication string you enter is the encrypted form, and decrypts the
value before using it.

NOTE

If you want the software to assume that the value you enter is the clear-text form, and to encrypt
display of that form, do not enter 0 or 1. Instead, omit the encryption option and allow the software
to use the default behavior.

If you specify encryption option 1, the software assumes that you are entering the encrypted form
of the password or authentication string. In this case, the software decrypts the password or string
you enter before using the value for authentication. If you accidentally enter option 1 followed by
the clear-text version of the password or string, authentication will fail because the value used by
the software will not match the value you intended to use.

Displaying the authentication string

If you want to display the authentication string, enter the following commands:

BigIron RX(config)# enable password-display

BigIron RX(config)# show ip bgp neighbors

The enable password-display command enables display of the authentication string, but only in the
output of the show ip bgp neighbors command. Display of the string is still encrypted in the startup
configuration file and running configuration. Enter the command at the global CONFIG level of the
CLI.

BigIron RX(config-bgp)# show ip bgp config

Current BGP configuration:

router bgp

local-as 2

neighbor xyz peer-group

neighbor xyz password 1 $!2d

neighbor 10.10.200.102 peer-group xyz

neighbor 10.10.200.102 remote-as 1

neighbor 10.10.200.102 password 1 $on-o

See also other documents in the category Brocade Computer Accessories: