Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Passwords from current-config cli

When dumping configuration with export current-config cli via the E-CLI, all the passwords are represented with hexadecimal strings. I assume this corresponds to the <ENC_PASSWORD> options in the docs.

Does anyone know what these strings are or how they are generated?

Awkwardly they also appear to change every time the config is exported, which complicates diff'ing to find changes.

Category: Firewall Management and Analytics


  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @davetapley

    I'am interessted in this as well. All secret information (passwords, etc.) get somehow rehashed everytime a config gets exported. The one and only thing I found that's changed too is userIV which could be some kind of salt.

    Recently I came across a couple of hundred firewall configuration files and reported this to SNWL, but noone gave a crab. Maybe this changes if we would know how to recover cleartext passwords, don't know, I'am just a simple minded guy.


Sign In or Register to comment.