
Re: User Readable Config File (2.4.7)



On Thu, 23 Oct 2003, Joel N. Weber II wrote:

> > Should it explicitly state that there MUST be support in the device to
> > encrypt all passwords and secret and private keys (SNMP community strings,
> > NTP authentication, routing authentication, AAA server keys, what else?)
> > when displaying a user readable config file ?

2.4.2 Display of 'Sanitized' Configuration.

Moved to -info because I was not sure it could be justified as a BCP.

Also, what's "sensitive" ?  This moves in the direction of needing
an information classification scheme and a method to enforce it.
This is beyond the scope, I think.

Also note that it is possible/not too hard to create programs that
"scrub" configs.   We distribute one for IOS in the contrib/ directory
of the Router Audit Tool.

>
> Possibly.  Though it is also valuable to have a way to dump the config
> with all such sensitive things completely omitted (perhaps with some
> sort of indication that they would be there if you had the uncensored
> version), because in general, it's very hard to obscure passwords well
> enough to be certain that a determined attacker can't recover them.

"xxxxx" ?   Reverse that !

---George
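
An added example (not part of the original message, and not the Router Audit Tool's contrib script) of the config scrubbing discussed above: it replaces the secret on common IOS lines with the "xxxxx" placeholder and drops stored hashes and encodings rather than keeping them. The rule list is an assumed set of command forms for the secret types named in the thread, and the sample config is constructed.

```python
import re

PLACEHOLDER = "xxxxx"  # marks where a secret was, as suggested in the thread

# Assumed IOS command forms. "pre" is kept; the secret, including any stored
# hash or reversible encoding (e.g. type 7), is dropped; "post" is kept.
RULES = [re.compile(p) for p in (
    r"^(?P<pre>\s*enable (?:secret|password)) .+$",
    r"^(?P<pre>\s*username \S+ (?:.* )?(?:secret|password)) .+$",
    r"^(?P<pre>\s*password) .+$",
    r"^(?P<pre>\s*snmp-server community) \S+(?P<post>.*)$",
    r"^(?P<pre>\s*ntp authentication-key \d+ md5) .+$",
    r"^(?P<pre>\s*(?:tacacs|radius)-server key) .+$",
    r"^(?P<pre>\s*ip ospf message-digest-key \d+ md5) .+$",
    r"^(?P<pre>\s*neighbor \S+ password) .+$",
)]

def scrub(config):
    """Return (scrubbed_text, number_of_lines_changed)."""
    out, hits = [], 0
    for line in config.splitlines():
        for rule in RULES:
            m = rule.match(line)
            if m:
                post = m.groupdict().get("post") or ""
                line = f"{m.group('pre')} {PLACEHOLDER}{post}"
                hits += 1
                break
        out.append(line)
    return "\n".join(out), hits

# Constructed sample config; every secret value below is made up.
SAMPLE = """\
enable secret 5 $1$CONSTRUCTED$notarealhash
username admin privilege 15 password 7 0000CONSTRUCTED
snmp-server community ConstructedRO RO 10
ntp authentication-key 1 md5 ConstructedNtpKey
tacacs-server key ConstructedAaaKey
interface Serial0
 ip ospf message-digest-key 1 md5 ConstructedOspfKey
router bgp 64512
 neighbor 192.0.2.1 password ConstructedBgpKey
line vty 0 4
 password ConstructedVtyPw
"""

if __name__ == "__main__":
    text, changed = scrub(SAMPLE)
    print(text, f"! {changed} lines scrubbed", sep="\n")
```

Lines that match no rule pass through unchanged, so a scrubbed config should still be reviewed for secret-bearing commands the rule list does not cover.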