As engineers, you don’t always document things as well as we should OR someone you work with is always “too busy” to document their work. This little trick will show you how to recover pre-shared keys on a Cisco Pix or ASA firewall.
Normally, you use the ’show run’ command to view the running configuration. Pre-shared keys are marked with an asterisk (*). To view the password unencrypted, type ‘more system:running-config’. This will display the full configuration with unencrypted passwords.
To bad actually that the pre-shared key of an Cisco VPN Client doesn’t show up in the latest ASA software version 8.2.2. the pre-shared keys of the VPN Tunnels are showed.
or browse to https://x.x.x.x/config, that will show the config with the psk’s as well 😉
Try command ‘more system:running-config’
check this: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00807f2d37.shtml
It is working, thanks bro.
Than you so much.its working fine.
You need to use: https://x.x.x.x/admin/config
Thanks Angelo this works 🙂
Thanks
This is an old post, but you can also write the config to tftp and the save config file will show the PSK as well
in the context how i see the pre-shared key ?
the commad more system:running-config it’not present in the context but is present in system
if you do “more system:running-config” all encrypted password ( except the ones of the users and encrypted secret password ) are shown in configuration file.
Pre-shared key is normally in the show running-config showed with *****
you do “more system:running-config” it not prensent when i type in the context
You have to be in the enable mode. ( which ASA software version are you running? ) ciscoasa#more system:running-config
To view the complete config of a context (including PSK’s) you have to be in the system context (“changeto context system” if you’re not already there) and do a “more disk0:/.cfg. For instance, to view the whole admin context config the command would be “more disk0:/admin.cfg”.
Thank you
Thank you, very good. Excelent.