Monday, 25 November 2013

How to Configuring Passwords and Privileges

Using passwords and assign permission levels to provide terminal access control in your network in a simple way.

Complete description of the commands used in this chapter, refer to the Cisco IOS Security command reference for "passwords and privileges commands" chapter. To find document displays additional commands in this chapter, use the command reference master index or search online.

To identify the hardware platforms or software image associated with the feature information, use feature Navigator on Cisco.com search for information about features, or up to a specific version of software version information, see. For more information, see the "using the Cisco IOS software. "In the chapter" identifying supported platforms "section

Setting or Changing a Static Enable Password:

To set or change a static password that controls access to privileged EXEC (enable) mode, use the following command in global configuration mode:

Command:

Router(config)# enable

password password

Protecting Passwords with Enable Password and Enable Secret:

To provide extra security, especially the password across the network or stored on a TFTP server, you can use any of the enable password or enable secret command. These two commands do the same thing, that is, they allow you to set up an encrypted password, the user must enter the access mode is enabled (the default), or any privilege level you specify.

We recommend you use the enable secret command, because it uses an improved encryption algorithm. Only start the old Cisco IOS software image, or if you boot the old boot Rom doesn't recognize the enable secret command, use the enable password command.

If you configure an enable secret command, it takes precedence over the enable password command two commands cannot enter into force simultaneously.

Command:

Router(config)# enable password [level level] {password| encryption-type encrypted-password}

or

Router(config)# enable secret [level level] {password | encryption-type encrypted-password}

Either of the above commands with the-level option is used to define the password for a specific permission level. The level you specify, and set up a password, password to the users who only need to have access to this level. Use the privilege level configuration command specifies the command to access all levels.

If you have the service password-encryption command is enabled, your password is encrypted. When you show it with more than one system: when you run the-config command, it will be displayed in the encrypted form.

If you specify an encryption type, you must provide an encrypted password--copy the encrypted password from another router configuration.



0 comments:

Post a Comment