Probably a dumb question but are user/pass preserved in backups ?
I have a brand new CCR1009-7G on which i have restored a (password protected) backup from another CCR and although it seems to have the config loaded I can’t connect to is with the same credentials that are working on the original router…
A .backup file includes the user password… So the recovered backup file has the user password the original router had at the time the backup was taken…
Also, it is not a good practice to return a .backup from one router to another.
Also, it is not a good practice to return a .backup from one router to another.
Even to same hardware that is mean to replace the original ?
Its fine to return a .backup to the same device …
If you return a backup from device A to device B, then devices A and B will be identical, they even have the same mac addresses on their interfaces… Unless you know how to reset them, if those devices for example existed in the same network, there would be a problem…
Oh ok did not realise that backup went up to MAC assignments - it would indeed be problematic.
But if I am going to swap two routers with exact same model I can do a backup → restore ?
Though not sure if passwords will be exported as well…you might want to consider using export and import (with the show-sensitive flag).
To clone a config:
Export. Remove MAC addresses from the *.rsc file. Import in other device.
Some versions , like 6.47.10, are missing some information in the export, like the wireless freq for the WLAN.
In the *.RSC file I see no user definitions, so the password is not set with export/import. Not even in “export verbose”.
I’m not sure that a backup/restore sets the password. (Never restored to another device, and in the same device the password is already set, unless a “reset” is executed.)
Ofcorse you cant see user information, they are encrypted…
The .backup file is a complete backup, you can’t see what its inside, but if you restore it, it is an exact copy of the device it came from…
Well test for backup/restore and transfer of password should be easy to do.
{backup
change password
restore
test password}
EDIT: YEP it’s the old one again.
The user/password list in a Cisco router is in the config file.
The type 7 password encryption in early days was very easy to crack (it was reversable) , type 9 is specified as hard to crack. (https://www.router-switch.com/faq/six-types-of-cisco-password.html)
If the encryption is strong, then one could include the encrypted passwords.
But even the “user” names are missing in the regular export for MT.
Export of “/user” shows the user names, no passwords or encrypted passwords.