Configuring A Master Key And Enabling The Aes Password Encryption Feature - Cisco Nexus 9000 Series Configuration Manual

Configuring Keychain Management
Command or Action
switch(config-keychain)# copy running-config
startup-config

Configuring a Master Key and Enabling the AES Password Encryption Feature

You can configure a master key for type-6 encryption and enable the Advanced Encryption Standard (AES)
password encryption feature.
SUMMARY STEPS
1. [no] key config-key ascii
2. configure terminal
3. [no] feature password encryption aes
4. (Optional) show encryption service stat
5. copy running-config startup-config
DETAILED STEPS
Command or Action
Step 1 [no] key config-key ascii
Example:
switch# key config-key ascii
New Master Key:
Retype Master Key:
Step 2
configure terminal
Example:
switch# configure terminal
switch(config)#
Step 3 [no] feature password encryption aes
Example:
switch(config)# feature password encryption aes
Step 4 (Optional) show encryption service stat
Example:
switch(config)# show encryption service stat
Step 5 Required: copy running-config startup-config
Example:
Configuring a Master Key and Enabling the AES Password Encryption Feature
Purpose
Purpose
Configures a master key to be used with the AES password
encryption feature. The master key can contain between 16
and 32 alphanumeric characters. You can use the no form
of this command to delete the master key at any time.
If you enable the AES password encryption feature before
configuring a master key, a message appears stating that
password encryption will not take place unless a master key
is configured. If a master key is already configured, you are
prompted to enter the current master key before entering a
new master key.
Enters global configuration mode.
Enables or disables the AES password encryption feature.
Displays the configuration status of the AES password
encryption feature and the master key.
Copies the running configuration to the startup
configuration.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
423