Check if configured password on Cisco device is what you expect it to be.

check_cisco_hash.py

import crypt
from hmac import compare_digest

cisco = "username REDACTED password 5 $5$SALT$SOME-HASH role network-admin"

def check_pw_hashes_are_eq(username_cmd: str, cleartext: str) -> bool:
    parts = username_cmd.split(' ')
    pw_hash = parts[4]
    pw_parts = pw_hash.split('$')
    meth, salt, pw = pw_parts[1:]
    return compare_digest(
        pw_hash,
        crypt.crypt(cleartext, '${m}${s}'.format(m=meth, s=salt)),
    )

print(check_pw_hashes_are_eq(cisco, 'REDACTED'))