Table of Contents
Advertisement
Chapter 2
Cisco CMTS Configuration Commands
cable shared-secret
To configure an authentication shared-secret encryption key that CMs must use to successfully process
the DOCSIS configuration file and register with the CMTS, use the cable shared-secret command in
cable interface configuration mode. To disable the use of a shared-secret key during the CM registration
phase, use the no form of this command.
Syntax Description
0
7
authentication-key
Defaults
No shared-secret encryption key is used during registration, only the default DOCSIS MD5-encrypted
checksum. When cable shared-secret is given without specifying an encryption option, the key is stored
in the configuration file as an encrypted password if the service password-encryption command has
also been given.
Command Modes
Interface configuration (cable interface only)
Command History
Release
11.3 XA
Usage Guidelines
The cable shared-secret command can be used to prevent unauthorized interception and alteration of
the DOCSIS configuration file that is downloaded to the CM during the registration process. The cable
shared-secret command specifies a secret encryption string that the CMTS uses to calculate the MD5
Message Integrity Check (MIC) value that is appended to every DOCSIS configuration file and that the
CM and CMTS use to verify the file's integrity.
The CM must use the shared secret encryption string to successfully decrypt and process the
configuration file, and then register with the CMTS. If the CM does not have the proper encryption
string, it will be unable to calculate the proper MIC value, and the
show reject(m) for the modem to indicate a MIC authentication failure.
OL-1581-08
cable shared-secret [0 | 7] authentication-key
no cable shared-secret
(Optional) Specifies that an unencrypted message (clear text) will follow.
(Optional) Specifies that an encrypted message will follow.
Note
Text string specifying the shared secret string. When you also use the service
password-encryption command, the key is stored in encrypted form. The
text string can be any arbitrary string up to 80 characters in length.
Modification
This command was introduced.
As a general rule, the 7 option is not used by users at the command
line because it requires a pre-encrypted password. Typically, the 7
option is useful only when cutting and pasting commands from
another router's configuration file.
Cisco Broadband Cable Command Reference Guide
cable shared-secret
show cable modem
command will
2-219
Advertisement
Table of Contents
