Cisco 1841 User Manual page 16

Cisco 1841 and Cisco 2801 Routers
Table 8 Cryptographic Keys and CSPs (Continued)
Router Shared
authentication Secret
key 2
SSH session Various
key symmetric
User password Shared
Secret
Enable Shared
password Secret
Enable secret Shared
Secret
RADIUS secret Shared
Secret
TACACS+ Shared
secret Secret
All RSA operations are prohibited by policy, and commands that can be executed by Officer are shown
Note
"# command".
Cisco 1841 Integrated Services Router with AIM-VPN/BPII-Plus and Cisco 2801 Integrated Services Router with AIM-VPN/EPII-Plus
16
This key is used by the router to authenticate
itself to the peer. The key is identical to Router
authentication key 1 except that it is retrieved
from the local database (on the router itself).
Issuing the "no username password" zeroizes the
password (that is used as this key) from the local
database.
This is the SSH session key. It is zeroized when
the SSH session is terminated.
The password of the User role. This password is
zeroized by overwriting it with a new password.
The plaintext password of the CO role. This
password is zeroized by overwriting it with a new
password.
The ciphertext password of the CO role.
However, the algorithm used to encrypt this
password is not FIPS approved. Therefore, this
password is considered plaintext for FIPS
purposes. This password is zeroized by
overwriting it with a new password.
The RADIUS shared secret. This shared secret is
zeroized by executing the "no radius-server key"
command.
The TACACS+ shared secret. This shared secret
is zeroized by executing the "no tacacs-server
key" command.
NVRAM "# no username password"
(plaintext)
DRAM Automatically when SSH
(plaintext) session terminated
NVRAM Overwrite with new
(plaintext) password
NVRAM Overwrite with new
(plaintext) password
NVRAM Overwrite with new
(plaintext) password
NVRAM "# no radius-server key"
(plaintext),
DRAM
(plaintext)
NVRAM "# no tacacs-server key"
(plaintext),
DRAM
(plaintext)
OL-8719-01