Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
75060
Views
109
Helpful
6
Replies

Difference between login and login local

ashish2484
Level 1
Level 1

‎03-25-2017 06:29 AM

So while configuring a line console 0, if I user login local command I am locked out of the switch!

What is the difference between "login local" and "login" commands? I tried this in packet tracer and every time I use the login local it asks for username that I havent setup.

Regards,

Ashish Kumar

6 people had this problem
Labels:
6 Replies 6

Dennis Mink
VIP Alumni
VIP Alumni

‎03-26-2017 05:57 PM

login is used on vty and console and means that the password that is user for its authentication, is configured under vty and console as well.

Login local, means that authentication uses locally configured credentials using the 

username <joebloggs> privilege <15> secret 0 password    command in global configuration mode

Hope this helps

Please remember to rate useful posts, by clicking on the stars below.

Neemo
Level 1
Level 1
In response to Dennis Mink

‎04-03-2018 06:05 AM - edited ‎04-03-2018 06:08 AM

Can you leave the privilege level out for the default value? Also, what does the zero define after secret?

 

Configuring Enhanced Security Password

Command
Purpose
Step 1

Router(config)# username name secret 0 password

 

or

Router(config)# username name secret 5 encrypted-secret

Configures a username and encrypts a clear text password with MD5 encryption.


Configures a username and enters an MD5 encrypted text string which is stored as

0 Helpful

anmolkauranmolkaur
Level 1
Level 1
In response to Neemo

‎12-17-2020 06:47 AM

Yes, to leave the privilege level out, just use the command : 

username Joe password cisco123

The number after secret in the command tells the hashing algorithm used by the device to store the password:

 username name secret 0 password

0 means the password doesn;t use an algorith, 5 means it used md5, 9 uses scrypt algorithm

adeebtaqui
Level 4
Level 4
In response to Dennis Mink

‎05-27-2018 07:05 PM

Hi Dennis,

 

 

I made a mistake while configuring router 4451 line console 0 by adding login local anwithout adding any command before for username ....pass  command. And now I am locked out of router and its asking for username and password. What should I do?

selvakumar.vec
Level 1
Level 1
In response to adeebtaqui

‎06-05-2018 01:22 AM

Hi Adeebtaqui,

 

Have you configured  vty line? If so, we can access the router using telnet / ssh rather than Console.

 

After logging in, either we can create local usernames and password or we can replace login local with login based on requirement.

 

Regards,

Selva

anmolkauranmolkaur
Level 1
Level 1

‎12-17-2020 07:18 AM

Login uses only a password while the login local command requires the configuration of a username as well as a password. 

While configuring the cisco router with the login command under line vty 0, in case a password isn't set , the login command does not execute and instead the user is prompted with a  warning to set the password. 

However, if a username and password isn't set and login local command is executed, no warning is issued and once the user gets logged out of the device,a password recovery might be required. 

0 Helpful
Customers Also Viewed These Support Documents