LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

January 2007

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS January 2007

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: release version 4.0.3 vs. 4.1.0.1
From:	"Prem Ananthakrishnan (prananth)" <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Mon, 1 Jan 2007 20:39:17 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (94 lines)

Hi Homer,

Wish you a very happy new year!!

That bug has nothing to do with the type of upgrade. It actually affects
how the shared secret is stored 
When you enter it during the bootstrap process (service perfigo config).

Basically, the secret was being stored as the "same" hash all the time
as opposed to creating a hash based off the password.  Yes. The file is
encrypted, it is a hash. However, earlier, it used to be the "same"
hash, not itll be a different hash based on the password you enter.

HTH
Prem

-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Homer Manila
Sent: Friday, December 29, 2006 7:24 PM
To: [log in to unmask]
Subject: Re: release version 4.0.3 vs. 4.1.0.1

If I read the release notes carefully, I should not be affected by that
bug since I did not do a web-upgrade.  However, when I look at the
/root/.secret file, it looks waaaay different than what I put in for the
shared secret during my upgrade from 4.0.2 --> 4.1.0.  Is it encrypted?

What is the default shared secret, or is there even one?

Happy New Year all!

--Homer Manila
Network Security Administrator
e-Operations,
Network Security
American University

Prem Ananthakrishnan (prananth) wrote:
> Simon,
>
> Thanks for bringing that up. 
>
> Folks, for your reference, the change of shared secret/CAS password is

> to address the following bug
> CSCsg24153
>
> Regards
> Prem
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators 
> [mailto:[log in to unmask]] On Behalf Of Simon Bell
> Sent: Tuesday, December 19, 2006 8:39 AM
> To: [log in to unmask]
> Subject: Re: release version 4.0.3 vs. 4.1.0.1
>
> I just finished upgrading from 4.0.3 to 4.1. Unfortunately Nick's 
> email was received about 2 hours after I had finished upgrading, 
> otherwise I probably would have waited for 4.0.4. The need for NAV2007

> was the motivating factor, but I'm not sure I would have had time for 
> 4.0.4, where with 4.1, I can at least test it on the 30 or so students

> still here.
>
> No OS change within the 3.6-4.1 versions.
>
> BTW, for those upgrading to 4.1, be prepared to reset your shared 
> secret on each device and your CAS Web admin password during the 
> upgrade script.
>
> Simon
>
>   
> From: 	WENDY SHIH <[log in to unmask]>
> To:	<[log in to unmask]>
> Date: 	12/19/2006 9:29 AM
> Subject: 	release version 4.0.3 vs. 4.1.0.1
>
> Hi,
>
> I didn't follow the thread closely while those releases came out.  Now

> I have a question.  I see that some of you are going to upgrade to
4.0.3
> rather than 4.1   What are the reasons you are  not going to 4.1 now
> beside
> it requires entire OS upgrade?    Thanks.
>

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU