Before 13.1 version on Netscaler if we replace the ns.conf file from one Netscaler to another everything would normally work including the passwords. This means if I copy the command with the password in the hash, it would work fine. However, after 13.1 they started to include additional hashing where the commands used to have an additional part that said KEK . Here the password gets hashed again with keys local to the device. This means if you copy the command from one Netscaler and try pasting on another one it will fail.
It would throw an error saying the decryption failed. There is a way to get rid of this. If we go to /nsconfig folder there will be a folder with name keys. Try copying the files to the device where you wanted to import the password and this will work like magic.
No comments:
Post a Comment