9-8
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 9 Configuring Basic Settings
Configuring the Master Passphrase
Step 3 Check the Change the encryption master passphrase check box; this will enable you to enter and
confirm your new master passphrases. By default, they are disabled.
Your new master passphrase must be between 8 and 128 characters long.
If you are changing an existing passphrase, you must enter the old passphrase before you can enter a new
one.
To delete the master passphrase, just leave the New and Confirm master passphrase fields blank.
Step 4 Click Apply.
You will see warning messages if:
• The Change the encryption master passphrase field is enabled, and the new master passphrase
field is empty, then the no key configuration-key password-encrypt command will be sent to the
device. A warning message appears when you click Apply.
• The old master passphrase does not match the hash value in the show password encryption
command output.
• You use non-portable characters, particularly those with the high-order bit set in an 8-bit
representation.
• A master passphrase and failover are in effect, then an attempt to remove the failover shared key
displays an error message.
• Eencryption is disabled, but a new or replacement master passphrase is supplied.You can click OK
or Cancel to continue.
• If the master passphrase is changed, in multiple security context mode.
• If Active/Active failover is configured and the master passphrase is changed.
• If any running configurations are configured so that their configuration cannot be saved back to their
server, such as with context config-URLs that use HTTP or HTTPS and the master passphrase is
changed.
Disabling the Master Passphrase
Disabling the master passphrase reverts encrypted passwords into plain text passwords. Removing the
passphrase might be useful if you downgrade to a previous software version that does not support
encrypted passwords.
Prerequisites
• You must know the current master passphrase to disable it. If you do not know the passphrase, see
the “Recovering the Master Passphrase” section on page 9-9.
•
To Next Page
Loading...
Need help?
General
