I previously mentioned I’d write about using set system login password format sha1
in Junos. I haven’t had a ton of time, and I blew $80 by launching a g2.8xlarge AWS instance and forgetting about it (do billing alerts only proc weekly?) so I’m postponing the real research, but suffice it to say that SHA-1 password hashes in Junos are appropriately more difficult than $1. I’m still confused about the lack of bcrypt, but I suppose in serious environments nobody else has access to your configs anyway. Someday…