DFE 'set system login' command with "Password must be in encrypted format." error

  • 0
  • 1
  • Article
  • Updated 5 years ago
  • (Edited)
Article ID: 10316 

Products
Matrix N-Series DFE, firmware 6.01.01.0020 and higher 

Changes
Issued the 'set system login...' command using the "password" option. 

Symptoms
"Password must be in encrypted format. Set was unsuccessful." 

Cause
New options have been added to the 'set system login' command. Here is a comparison of the old and new command formats:
Through 5.x:    set system login username {super-user | read-write | read-only} {enable | disable}

6.x and higher: set system login username {super-user | read-write | read-only} {enable | disable}
[password password] [allowed-interval HH:MM HH:MM]
[allowed-days {[Sun] [Mon] [Tue] [Wed] [Thu] [Fri] [Sat]}]
[local-only {yes | no}]

Historically, one would use the 'set system login' command to create a new user account, and then use the 'set password' command to set the password for the new account. 

Now, given the new options of the 'set system login' command, it would appear that the administrator has the option of shortening this process into one step. However, an attempt to specify the username and password in one operation results in an error message, as shown in the following example:
    DFE(su)->set system login jdoe super-user enable password hello1234
    Password must be in encrypted format.
    Set was unsuccessful.
    DFE(su)->

    The Configuration Guide states, in describing the use of the "password" option: 
    "Specifies the encrypted password for this user account. 
    NOTE: This option is intended only for use in configurations generated by the show config command." 

    In other words, after the administrator employs the 'set system login' command to create a user account and the 'set password' command to set the user's password, the output of a 'show config' command will display the results utilizing the enhanced options of the 'set system login' command; as shown in the following example:
      DFE(su)->set system login jdoe super-user enable
      DFE(su)->set password jdoe
      Please enter new password:
      Please re-enter new password:
      Password changed.
      DFE(su)->show config system
      This command shows non-default configurations only.
      Use 'show config all' to show both default and non-default configurations.

      begin
      !
      # ***** NON-DEFAULT CONFIGURATION *****
      !
      !
      # system
      set system login jdoe super-user enable password :e1b608274fc8250ff1e93b6e6145b2
      0acf612c87:
      !
      end

      DFE(su)->

      Solution/Workaround

      When configuring a user name with the 'set system login' command, do not use the "password" option available with 6.x and higher firmware. Instead, use the traditional 'set password' command to set the user's password after the user's account has been created.
      Photo of FAQ User

      FAQ User, Official Rep

      • 13,610 Points 10k badge 2x thumb

      Posted 5 years ago

      • 0
      • 1

      There are no replies.

      This conversation is no longer open for comments or replies.