Difference between revisions of "Cisco IOS: Associate a user with default higher privileges"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
|||
(18 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | + | Change or set password to a User: | |
− | * <code>username MY_USER secret | + | * <code>[[username]] MY_USER [[secret]] MY_PASSWORD</code> |
+ | * <code>[[username MY_USER password MY_PASSWORD]]</code> | ||
+ | |||
+ | |||
+ | |||
+ | == Create user == | ||
Router#[[config terminal]] | Router#[[config terminal]] | ||
Enter configuration commands, one per line. End with CNTL/Z. | Enter configuration commands, one per line. End with CNTL/Z. | ||
− | Router(config)#username MY_USERNAME_1 privilege 5 | + | Router(config)#username MY_USERNAME_1 [[privilege]] 5 |
− | Router(config)#username MY_USERNAME_2 privilege 15 | + | Router(config)#username MY_USERNAME_2 [[privilege]] 7 |
+ | Router(config)#username MY_USERNAME_3 privilege 15 | ||
Router(config)#^Z | Router(config)#^Z | ||
Router# | Router# | ||
− | https://www.oreilly.com/library/view/hardening-cisco-routers/0596001665/ch04.html | + | Ref: https://www.oreilly.com/library/view/hardening-cisco-routers/0596001665/ch04.html |
+ | |||
+ | |||
+ | Verify: | ||
+ | sh running-config | inc user | ||
+ | username MY_USERNAME_2 privilege 7 password 7 04060F04241D1C5A5T | ||
+ | username MY_USERNAME_3 privilege 15 | ||
+ | |||
Example with error: | Example with error: | ||
− | + | Router(config)#username MY_USER privilege 15 password MY_PASSWORD | |
− | Router(config)#username MY_USER privilege 15 password MY_PASSWORD | ||
WARNING: Command has been added to the configuration using a type 0 password. However, type 0 passwords will soon be deprecated. Migrate to a supported password type | WARNING: Command has been added to the configuration using a type 0 password. However, type 0 passwords will soon be deprecated. Migrate to a supported password type | ||
− | |||
− | + | == Password: Enable Type 9 passwords for username MY_USERNAME_1 == | |
− | == Enable Type 9 passwords for username MY_USERNAME_1 == | ||
Read first: https://learningnetwork.cisco.com/docs/DOC-27166 | Read first: https://learningnetwork.cisco.com/docs/DOC-27166 | ||
Line 36: | Line 46: | ||
</pre> | </pre> | ||
− | + | == Delete user == | |
<pre> | <pre> | ||
R1(config)#no username USERNAME_TO_DELETE | R1(config)#no username USERNAME_TO_DELETE | ||
Line 42: | Line 52: | ||
</pre> | </pre> | ||
− | + | == Related terms == | |
− | == Related | ||
* <code>[[sh run]] | i user</code> | * <code>[[sh run]] | i user</code> | ||
* <code>[[show users]]</code> | * <code>[[show users]]</code> | ||
+ | * <code>[[privilege]]</code> | ||
+ | * <code>[[admin]]</code> account | ||
== Activities == | == Activities == |
Latest revision as of 10:54, 14 April 2021
Change or set password to a User:
Contents
Create user[edit]
Router#config terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#username MY_USERNAME_1 privilege 5 Router(config)#username MY_USERNAME_2 privilege 7 Router(config)#username MY_USERNAME_3 privilege 15 Router(config)#^Z Router# Ref: https://www.oreilly.com/library/view/hardening-cisco-routers/0596001665/ch04.html
Verify:
sh running-config | inc user username MY_USERNAME_2 privilege 7 password 7 04060F04241D1C5A5T username MY_USERNAME_3 privilege 15
Example with error:
Router(config)#username MY_USER privilege 15 password MY_PASSWORD WARNING: Command has been added to the configuration using a type 0 password. However, type 0 passwords will soon be deprecated. Migrate to a supported password type
Password: Enable Type 9 passwords for username MY_USERNAME_1[edit]
Read first: https://learningnetwork.cisco.com/docs/DOC-27166
R1(config)#username MY_USERNAME_1 algorithm-type scrypt secret MY_PASSWORD R1(config)#
Error in case user where already created with password option:
R1(config)#username MY_USERNAME_1 algorithm-type scrypt secret MY_PASSWORD ERROR: Can not have both a user password and a user secret. Please choose one or the other.
Delete user[edit]
R1(config)#no username USERNAME_TO_DELETE This operation will remove all username related configurations with same name.Do you want to continue? [confirm]
Related terms[edit]
sh run | i user
show users
privilege
admin
account
Activities[edit]
- Configure a user with public key access Cisco IOS/Configure public RSA key authentication
- Learn about different Cisco Router Password Types: https://learningnetwork.cisco.com/docs/DOC-27166
- List users:
show running-config | inc username
- Delete a user with
no username USERNAME_TO_DELETE
command
See also[edit]
- Cisco IOS: Cisco IOS XE, Config (mode), VLANs, Cisco IOS logging, VTP, ACLs,
show logging
,show logging history
,show interface status
,debug
,archive
,show archive
,conf t
,int
,ip http server
,ip ssh
,ip address
, vty,show mac address-table
,show access-list
, Access-list,ip access-group
,admin
- wikipedia:Scrypt key derivation function
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Source: https://en.wikiversity.org/wiki/Cisco_IOS/Associate_a_user_with_default_higher_privileges
Advertising: