Welcome to the VanDyke Software Forums

Join the discussion today!

Go Back   VanDyke Software Forums > General


Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 02-04-2019, 04:23 AM
Judge Dredd Judge Dredd is offline
Registered User
Join Date: Jul 2018
Posts: 5
Exclamation Feature Request: central credentials repository


I remember we were talking about this in the past, but I can't find any post about it right now, so I decided to issue a new thread, because I've been waiting for this feature for a couple of years now.

What I really really need is some kind of central credentials repository - possibly as addition to the credential features that are in particular session's properties.

Let me share with you my challenge. I have 1000+ Cisco devices to which I login with my domain credentials (devices have tacacs+ access and they verify my user/pass in the central server, which gets my current password from the domain). The problem is I have to change this domain password monthly - I'm sure I'm not the only one - I bet most of admins must do the same.

After changing my password in the domain I have to alter credential data in my SecureCRT sessions for those devices that use tacacs+. I know - you will pop up with the "changing the settings for multiple sessions at once" feature, but this really can't be used because (of course) not all of my sessions have the same connect/login settings. Most of the sessions are SSH with tacacs, but not all - some of them use SSH with some local passwords (not domain - they don't have to be changed), some other sessions use telnet and tacacs, some other sessions use telnet and local passwords. You see there is a variety of connection possibilities and, of course, different kind of sessions are mixed up, so there is no possibility to choose all sessions and change the password.

What would be needed to solve this problem is some kind of SecureCRT central credentials repository. In my imagination it could work like that:

I go to some central option in SecureCRT and define "Cred1" user and password there. Then I go to my session and choose "Authentication - Cred1". Then this session passess "Cred1" to the device upon login. This way I could change "Cred1" at one central place and it would pass the proper new password to all devices that need it.

It could (and should) be an additional option to "Logon Actions" pane in the session properties as well as to "Authentication" pane in SSH2 properties and other password-related options in other session types. This way any session that has local credentials on the device could be configured individually and any session that would need to pass the common credentials could pull it from the central repository.

Please consider this as I believe most of admins are facing the problem of changing the password to lot of devices after domain-password-change.

Best regards,

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -6. The time now is 02:15 AM.