MD5 and RSA

Hi,
I need to create a secure key using a string end encrypting it using MD5 and after is RSA, I found a couple of MF to create the MD5 key but I can't find whow to encrypt it now using RSA.
Any idea?
I'm in Mexico City and here is a treasury requirement to do it in this way, thanks in advanced for your help.

Hi,
The one case I know is the code download the file to server then call an OS command that will encrypt the file. You can also make the encrypted file is sent to e-mail.
Regards,
Teddy Kurniawan

Similar Messages

  • MD5 and RSA - Slow performance  - Help / Views Required

    Hi,
    I am facing a problem while signing a message.The
    scenario is:
    I have to create 20,000 messages to be sent to
    clients. I am encrypting the message using MD5 and
    RSA.
    But when i am encrypting via RSA it takes about 20
    mins to encrypt the 20k messages.I dont know why its
    taking so much time. I have max 4-5 mins to manipulate
    and send messages. The sample code is as follows:
    ur earliest help will be quite helpful.
    Thanks in advance
    Hassan
    ************** Source Code ****************
    import java.io.IOException;
    import java.math.BigInteger;
    import java.security.KeyFactory;
    import java.security.MessageDigest;
    import java.security.Signature;
    import java.security.PrivateKey;
    import java.security.spec.RSAPrivateKeySpec;
    import org.apache.log4j.Logger;
    public class Signer {
    ******************************************

    Hi Sabre,
    I have compiled the simple code from JCE tutorial for DES. The output text it is showing is different than input text.
    Is there any problem going on in tutorial's example ?
    Regards
    Hamid
    ******** output **************
    the original cleartext is: [B@13a328f
    the encrypted text is: [B@337838
    the final cleartext is: [B@119cca4
    ******** Code ************
    public class jCypher {
    private static Cipher desCipher = null;
    public static void main (String[] args) throws NoSuchAlgorithmException,
    InvalidKeyException, IllegalBlockSizeException, NoSuchProviderException,
    BadPaddingException, NoSuchPaddingException, Exception
    //Creating a Key Generator and Generating a Key
    //public static KeyGenerator getInstance(String algorithm);
    KeyGenerator keygen = KeyGenerator.getInstance("DES");
    SecretKey desKey = keygen.generateKey();
    // Creating a Cipher
    // Cipher.getInstance(Transformation);     
    // c1 = Cipher.getInstance("RSA/ECB/PKCS1Padding");     
    desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
    // Cipher.init(int opmode, Key key);
    desCipher.init(Cipher.ENCRYPT_MODE, desKey );
    // Cleartext
    byte[] cleartext = "This is small Text for testing".getBytes();
    System.out.println("the original cleartext is: " + cleartext.toString());
    // Encrypt the cleartext
    // encrypted or decrypted data in one step (single-part operation)
    // public byte[] doFinal(byte[] input);
    byte[] ciphertext = desCipher.doFinal(cleartext);
    System.out.println("the encrypted text is: " + ciphertext.toString());
    // Initialize the same cipher for decryption
    desCipher.init(Cipher.DECRYPT_MODE, desKey );
    // Decrypt the ciphertext
    byte[] cleartext1 = desCipher.doFinal(ciphertext);
    System.out.println("the final cleartext is: " + cleartext1.toString());
    } // End main()
    }

  • How can I control the list of cipher suites offered in the SSL Client Hello message? I want to forbid MD5 and RC4.

    How can I control the list of cipher suites offered in the SSL Client Hello message?
    I want to limit my browser to negotiating strong cipher suites. I'd like to forbid DES, MD5 and RC4.

    Set the related SSL3 prefs to false on the about:config page (Filter: security.ssl3.).
    *http://kb.mozillazine.org/about:config

  • ISE and RSA token groups

    We have wireless  network using ISE and RSA to do the authenticaiton. There are two groups of RSA token users, one is with username
    Axxxx, the other Bxxxx.
    Now we try to differ the authentications for the two group. One permit, the other deny.
    I am wondering whether the ISE can do this or not.
    thanks,
    Han

    ISE 1.2 should work with RSA 8.1. Please do try it in a lab setup would probably qualify it as part of ISE 1.3.

  • Integration of Cisco ACS SE 4.2 and RSA SecurID Token Server

    Hi,
    I would be very appreciated if anyone can share their experience. Thanks in advance.
    Issue:
    I am trying to configure the ACE SE 4.2 to authenticate using RSA SecurID Token Server.
    Problems encountered:
    Authentication failed. In the failed logged attempt the error "External Database not operational" was next to the login name.
    In the auth.log, there was "External DB [SecurID.dll]: aceclnt.dll callback returned error [23]".
    Questions:
    1. Please kindly advise how I should resolve this problem.
    2. Also, is there any successful message once ACS get the sdconf.rec? Will the "Purge Node Secret" button be enabled?
    Troubleshooting steps I have done:
    Below is the steps I took to setup the external DB.
    1. Verified sdconf.rec is not a garbage file using the Test authentication function in RSA client.
    2. FTP sdconf.rec in the external database configuration. (Had used Wireshark and confirm file transfered successfully.)
    2. Defined unknown user policy to check RSA SecurID Token Server to authenticate.
    Thank you.

    I have NO experience with ACS SE 4.2 and
    RSA SecurID Token Server BUT I have
    experiences with Cisco ACS 4.1 running on
    Windows 2003 SP2 Enterprise Edition and
    RSA SecurID Token Server.
    All the troubleshoot you've done is correct.
    In Windows 2003 running Cisco ACS, you can
    install the test authentication RSA client
    and that you can verify that the setup
    is correct (by verifying that the sdconf.rec
    is not corrupted).
    One thing I can think of is that when you
    setup the ACS SE box, under external
    database, configure unknown user policy,
    did you check it to tell how to define users
    when they are not found in the ACS internal
    database. Did you select RSA SecurID token
    server?
    Other than that, from what I understand,
    you've done everything correctly.

  • Request Native Ability to Calculate CRC, MD5, and SHA Hashes

    // Requested via the Feedback tool also //
    Provide the ability to calculate and generate CRC, MD5, and SHA hashes via a right-click context menu without having to resort to third party tools.  In some environments, policy does not allow for certain applications.  Having this ability natively
    would really help to verify files.
    This has been requested during the preview stage of Windows 7 and Windows 8.  Asking again here.

    That works perfectly!  Thanks.  I did not know that was available.
    NAME
        Get-FileHash
    SYNTAX
        Get-FileHash [-Path] <string[]> [-Algorithm <string> {SHA1 | SHA256 | SHA384 | SHA512 | MACTripleDES | MD5 |
        RIPEMD160}]  [<CommonParameters>]
        Get-FileHash -LiteralPath <string[]> [-Algorithm <string> {SHA1 | SHA256 | SHA384 | SHA512 | MACTripleDES | MD5 |
        RIPEMD160}]  [<CommonParameters>]
        Get-FileHash -InputStream <Stream> [-Algorithm <string> {SHA1 | SHA256 | SHA384 | SHA512 | MACTripleDES | MD5 |
        RIPEMD160}]  [<CommonParameters>]
    ALIASES
        None
    REMARKS
        Get-Help cannot find the Help files for this cmdlet on this computer. It is displaying only partial help.
            -- To download and install Help files for the module that includes this cmdlet, use Update-Help.

  • [svn:cairngorm3:] 21115: updating the md5 and metadata and swc release ( just in case, we missed anything in our last commit)

    Revision: 21115
    Revision: 21115
    Author:   [email protected]
    Date:     2011-04-21 09:13:29 -0700 (Thu, 21 Apr 2011)
    Log Message:
    updating the md5 and metadata and swc release (just in case, we missed anything in our last commit)
    Modified Paths:
        cairngorm3/maven-repository/com/adobe/cairngorm/cairngorm3/3.0.18/cairngorm3-3.0.18.pom
        cairngorm3/maven-repository/com/adobe/cairngorm/cairngorm3/3.0.18/cairngorm3-3.0.18.pom.m d5
        cairngorm3/maven-repository/com/adobe/cairngorm/cairngorm3/3.0.18/cairngorm3-3.0.18.pom.s ha1
        cairngorm3/maven-repository/com/adobe/cairngorm/cairngorm3/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/cairngorm3/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/cairngorm3/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/contract/1.4/contract-1.4.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/contract/1.4/contract-1.4.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/contract/1.4/contract-1.4.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/contract/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/contract/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/contract/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/integration/0.16/integration-0.16.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/integration/0.16/integration-0.16.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/integration/0.16/integration-0.16.swc.sha 1
        cairngorm3/maven-repository/com/adobe/cairngorm/integration/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/integration/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/integration/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/integrationParsley/0.16/integrationParsle y-0.16.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/integrationParsley/0.16/integrationParsle y-0.16.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/integrationParsley/0.16/integrationParsle y-0.16.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/integrationParsley/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/integrationParsley/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/integrationParsley/maven-metadata.xml.sha 1
        cairngorm3/maven-repository/com/adobe/cairngorm/libraries/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/libraries/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/libraries/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/module/0.15/module-0.15.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/module/0.15/module-0.15.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/module/0.15/module-0.15.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/module/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/module/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/module/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigation/1.4/navigation-1.4.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/navigation/1.4/navigation-1.4.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigation/1.4/navigation-1.4.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigation/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/navigation/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigation/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationParsley/1.4/navigationParsley-1 .4.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationParsley/1.4/navigationParsley-1 .4.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationParsley/1.4/navigationParsley-1 .4.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationParsley/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationParsley/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationParsley/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSpringAS/1.4/navigationSpringAS -1.4.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSpringAS/1.4/navigationSpringAS -1.4.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSpringAS/1.4/navigationSpringAS -1.4.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSpringAS/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSpringAS/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSpringAS/maven-metadata.xml.sha 1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSwiz/1.4/navigationSwiz-1.4.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSwiz/1.4/navigationSwiz-1.4.swc .md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSwiz/1.4/navigationSwiz-1.4.swc .sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSwiz/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSwiz/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/navigationSwiz/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/observer/1.14/observer-1.14.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/observer/1.14/observer-1.14.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/observer/1.14/observer-1.14.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/observer/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/observer/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/observer/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/observerParsley/1.14/observerParsley-1.14 .swc
        cairngorm3/maven-repository/com/adobe/cairngorm/observerParsley/1.14/observerParsley-1.14 .swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/observerParsley/1.14/observerParsley-1.14 .swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/observerParsley/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/observerParsley/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/observerParsley/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/popup/1.13/popup-1.13.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/popup/1.13/popup-1.13.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/popup/1.13/popup-1.13.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/popup/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/popup/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/popup/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/popupParsley/1.13/popupParsley-1.13.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/popupParsley/1.13/popupParsley-1.13.swc.m d5
        cairngorm3/maven-repository/com/adobe/cairngorm/popupParsley/1.13/popupParsley-1.13.swc.s ha1
        cairngorm3/maven-repository/com/adobe/cairngorm/popupParsley/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/popupParsley/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/popupParsley/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/task/1.10/task-1.10.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/task/1.10/task-1.10.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/task/1.10/task-1.10.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/task/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/task/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/task/maven-metadata.xml.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/validation/1.13/validation-1.13.swc
        cairngorm3/maven-repository/com/adobe/cairngorm/validation/1.13/validation-1.13.swc.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/validation/1.13/validation-1.13.swc.sha1
        cairngorm3/maven-repository/com/adobe/cairngorm/validation/maven-metadata.xml
        cairngorm3/maven-repository/com/adobe/cairngorm/validation/maven-metadata.xml.md5
        cairngorm3/maven-repository/com/adobe/cairngorm/validation/maven-metadata.xml.sha1

    word!
    second that.
    This is really hard to follow, even for us who keep an eye on every update and read every single post and have an imagination of update problems out there.
    You tried to make digitalpublishing.acrobat.com (the "dashboard") the one-stop place for downloading and updating all necessary tools. good idea to make this the central point, because adobe.com download sections is a pain in the arse when trying to find updates for secondary tools like the DPS.
    also, make it super-duper clear what version is the current and what versio are currently available. I already wrote about lining up version numbers months ago and you seem to get this working — but it is still a mess. 1.7 vs 1.1.7 vs. 2.0 vs. drop17 vs. 11.4.2.201111104_m_670635 7.5.5.16 (you can imagine where I took the latter from)
    Peter: The bold line in the sticky forum message was added later, as I recall.
    —Johannes

  • Hashing of the password field using MD5 and then store in the XML

    Hi,
    I need to design a form with User ID and a Password field. When i extract the XML from the form i need to hash the password field using MD5 and then store it. Does anyone have some kind of experience in doint it. Can you please suggest some way to do it.
    Thanks,
    Sayoni.

    Hi,
    To hash password you can use function from http://kevin.vanzonneveld.net/techblog/article/javascript_equivalent_for_phps_md5/ or try to find another implementation. Just call this function on some event like button click for example.
    Also I made some example. See attach.
    BR,
    Paul Butenko

  • DES and RSA test applet

    Hello all,
    I have to test DES and RSA with some Java Card, but I have NO idea with it.
    Is there any sample applets or any good site to learn it?
    If I can have applet files, that will be great.
    Thanks a lot,
    Julie.

    This could be an issue, for example, if there is a card that doesn't implement javacardx.crypto. Creating Cipher myCipher as a member variable would throw an exception if it's not implemented on the card. This ultimatly will prevent it from being loaded.
    Take your CAP file and try to load it with the reference implementation and you'll see what I mean. Also, try to compile, and generate a CAP file outside the JCOP IDE environment. You'll see what ticks me off about the Sun kit. It would still generate the CAP file. BUT crypto isn't implemented in the Sun Kit. It should kick out an export not found message.
    Discarding objects aren't needed because, if you notice, the JC uses a facade design pattern for the crypto implementations to assure only one instance is created. That's the getInstance() methods.

  • MD5 and NTP on solaris

    Hello
    I want to use a solaris box as an NTP server but the cisco boxes use MD5. My questions are:
    Is MD5 supported on Solaris?
    If not is there an alternative that both support?
    Are there any configuration docs for MD5 and NTP for solaris?
    TIA
    Andrew

    Sure !! support
    You must set the key at /etc/inet/ntp.keys
    somthing like this
    4 M DonTTelL
    6 M hElloWorld
    22 M ImASecret
    M refer to MD5 encription

  • "Broken" MD5 and SHA-1: Any measures available/needed for JCA/JCE/JSSE ?

    Dear Experts
    As security reports emerge saying MD5 and SHA-1 algos being broken I d'like to know what this means to us as longterm users of Sun's JCA/JCE/JSSE implementations within 1.3.1, 1.4.2 and 1.6 JRE / JDK.
    Main area of our usage:
    - Key and certificate generation by keytool and/or openssl
    - TLS communications with above material from jks keystores and SunPksc11 along with smartcards used with java client and servers, webbrowsers and servers.
    A common recommendation I've got regarding SHA-1 is to upgrade to SHA-256, 384 or even 512.
    Is this feasible / needed for above applications?
    What about MD5?
    Really concerned
    Marcel

    Hello all,
    I have problem with a JSSE client to communicate with an openssl server. It got stuck after connection is established. Do you have any idea?
    Any help will be appreciated.
    YFG

  • ISE and RSA

     I am trying to get ISE to work with RSA I have followed this link and got the jist of how to get it working.
    http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_man_id_stores.html
    I did however get lost trying to tell the folks who run the RSA what the Agent Host Settings need to be to work with ISE. They need info for the sceen below. Anyone done this before? We are doing a distributed deployment with 2 PSN nodes and 2 Admin nodes.

    ISE 1.2 should work with RSA 8.1. Please do try it in a lab setup would probably qualify it as part of ISE 1.3.

  • Is ASA integration with ISE and RSA for 2 factor authentication a valid/tested design

    Hi,
    Customer currently uses ASA to directly integrate with RSA kind of solution to provide 2 factor authentication mechanism for VPN user access.  We're considering to introduce ISE to this picture, and to offload posture analysis from ASA to ISE.  And the flow we're thinking is to have ASA interface to ISE and ISE interface to RSA and AD backend infrastructure.  And we still need the 2 factor authentication to work, i.e., customer gets a SMS code in addition to its login username and password.  I'm wondering if ASA/ISE/RSA/AD integrated solution (and with 2 factor authentication to work) is a tested solution or Cisco validate design?  Any potential issue may break the flow?
    Thanks in advance for any input!
    Tina

    Hi,
    I have an update for this quite broad question.
    I have now came a bit further on the path.
    Now the needed Radius Access Attribute are available in ISE after adding them in
    "Policy Elements" -> "Dictionaris" -> "System" -> "Radius" -> "Cisco-VPN3000".
    I added both the attribute 146 Tunnel-Group-Name which I realy need to achive what I want(select diffrent OTP-backends depending on Tunnel Group in ASA) and the other new attribute 150 Client-Type which could be intresting to look at as well.
    Here the "Diagnostics Tools" -> "Generel tools" -> "TCP Dump" and Wireshare helped me understand how this worked.
    With that I could really see the attributes in the radius access requests going in to the ASA.
    Now looking at a request in "Radius Authentication details" I have
    Other Attributes:
    ConfigVersionId=29,Device Port=1025,DestinationPort=1812,RadiusPacketType=AccessRequest,Protocol=Radius,CVPN3000/ASA/PIX7.x-Tunnel-Group-Name=SMHI-TG-RA-ISESMS,CVPN3000/ASA/PIX7.x-Client-Type=,CPMSessionID=ac100865000006294FD60A7F,.....
    Ok, the tunnel group name attribute seems to be understood correct, but Client-Type just say =, no value for that.
    That is strange, I must have defined that wrong(?), but lets leave that for now, I do not really need it for the moment being.
    So now when I have this Tunnel-Group-Name attribute available I want to use it in my Rule-Based Authentication Policy.
    Problem now is that as soon as I in an expression add a criteria containing Cisco-VPN3000:CVPN3000/ASA/PIX7.x-Tunnel-Group-Name matches .* (just anything), then that row does not match any more. It still work matching against NAS-IP and other attributes.
    What could it be I have missed?
    Best regards
    /Mattias

  • AAA Authorization with RADIUS and RSA SecurID Authentication Manager

    Hi there.
    I am in the process of implementing a new RSA SecurID deployment, and unfortunately the bulk of the IOS devices here do not support native SecurID (SDI) protocol. With the older RSA SecurID deployment version, it supported TACACS running on the system, now in 8.x it does not.  Myself, along with RSA Support, are having problems getting TACACS working correctly with the new RSA Deployment, so the idea turned to possibly just using RADIUS
    I have setup the RADIUS server-host, and configured the AAA authentication and authorization commands as follows:
    #aaa new-model
    #radius-server host 1.1.1.1 timeout 10 retransmit 3 key cisco123!
    #aaa authentication login default group radius enable
    #aaa authorization exec default group radius local
    I have also tried
    #aaa authorization exec default group radius if-authenticated local
    I can successfully authenticate via SSH to User Mode using my SecurID passcode -- however, when I go to enter Priv Exec mode, it wont take the SecurID passcode - I just get an "access denied"
    I've ran tcpdump on the RSA Primary Instance, looking for 1645/1646 traffic, and I dont get anything
    I've turned on RADIUS debugging on the IOS device, and I dont get anything either
    I did see this disclaimer in a Cisco doc: "The RADIUS method does not work on a per-username basis."  -- not sure if this is related to my issue?
    I'm beginning to wonder if IOS/AAA cant pass authorization-exec process to RSA SecurID

    I don't have a solution, but can confirm I have the same problem and am also trying to find a solution.
    I see no data sent to the RSA server when using the wireless AP. With other equipment on the same ACS, I do see the attempts going to the RSA server.
    The first reply doesn't seem to apply to me, since it's not sending a request from the ACS machine to the RSA machine.

  • 2106 and RSA RADIUS

    I have a 2106 wireless controller set up along with a 1252 access point. I am able to authenticate to the AP via WPA-PSK without issue. However when I configure authentication to use our RSA RADIUS server it fails with several error messages. I am confident the RADIUS server is set up properly because we have been using it to authenticate to your routers/switches for the past year.
    Here are the error messages I receive in the controllers logs:
    DOT1X-3-ABORT_AUTH: Authentication Aborted
    DOT1X-3-AAA_SEND_FAILURE: Unable to send AAA message for client <mac address>
    DOT1X-3-MAX_EAP_RETRIES: Max EAP identity request retries (3) exceeded for client <mac address>
    AAA-4-RADIUS_RESPONSE_FAILED: RADIUS server <ip address> failed to respond to request (IDxx) for STA <mac address> / user 'unknownUser'
    Looking at the accounting logs on the RADIUS server also show that the devices MAC is being sent as the UserName, which doesn't seem right to me which may be the issue but I'm unsure how to fix it, especially since I don't have MAC filtering turned on.
    I am trying to authenticate with a MacBook Pro running 10.5.2.

    Well having no luck going to my RADIUS server directly from the WLC I decided to try using our test ACS server in the mix. I configured it to talk to the RSA RADIUS server and reconfigured to the WLC to talk to the ACS server.
    Except for not selecting the proper protocols I authenticated without a hitch using a token code on an XP machine with the Cisco client.
    I then fired up the Mac and it authenticated properly with no issues as well, and even gave me the option to say it was a one time password. I thought I read elsewhere that one time passwords weren't supported? Well apparently they are now.

Maybe you are looking for