Guest

Preview Tool

Cisco Bug: CSCvt05326 - After encryption decrypt command, encrypted type-7 is not same as old type-7 encrypted key string

Last Modified

Jun 10, 2020

Products (1)

  • Cisco Nexus 9000 Series Switches

Known Affected Releases

9.3(4)IIL9(0.353) 9.3(4)IIL9(0.425)

Description (partial)

Symptom:
Without configuring Master key, configure key-string with plain -text. key-string will get stored as type-7 encrypted key-string. Now configure Master key and run "encryption re-encrypt obfuscated " command. All type-7 key-string will get converted to type-6. Again run "encryption decrypt type-6". type-6 keystroking will get converted to type-7. But newly generated type-7 key strings is not same as old type-7 key-string

Conditions:
Without configuring Master key, configure key-string with plain -text. key-string will get stored as type-7 encrypted key-string. Now configure Master key and run "encryption re-encrypt obfuscated " command. All type-7 key-string will get converted to type-6. Again run "encryption decrypt type-6". type-6 keystroking will get converted to type-7. But newly generated type-7 key strings is not same as old type-7 key-string
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.