Hi,
not sure if this even possible because I guess the user passwords are stored only as hashes, right?
I’m wondering what the “show-sensitve” switch does in /user export in RouterOS 7.x
I see no difference in the output of /user export with and without the parameter.
Thank you in advance.
Regards, Flo.
In RouterOS, the passwords and secrets are not shown as hashes. If show-sensitive adds no items, are you sure showing sensitive information is permitted for the user account you run the command under? Also, the “sensitive” items are just passwords to various VPN services (/interface l2tp-client and alike, /ppp secret rows) and the IPsec pre-shared keys (the secret items on /ip ipsec identity rows). Passwords to user accounts are never shown.
As indicated by sindy, user passwords are never shown. Not even in Winbox.
As for regular export:
Default behavior has changed from ROS6 (where it was show-sensitive) to ROS7 (where it is hide-sensitive).
Private keys for wireguard, WPA keys for wireless, … are shown using show-sensitive (default in ROS6, you need to specify it in ROS7).
And in Winbox they are visible when you toggle Menu - settings - Hide passwords
Thank you all very much for explaining!