cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
84099
Views
109
Helpful
6
Replies

Difference between login and login local

ashish2484
Level 1
Level 1

So while configuring a line console 0, if I user login local command I am locked out of the switch!

What is the difference between "login local" and "login" commands? I tried this in packet tracer and every time I use the login local it asks for username that I havent setup.

Regards,

Ashish Kumar

6 Replies 6

Dennis Mink
VIP Alumni
VIP Alumni

login is used on vty and console and means that the password that is user for its authentication, is configured under vty and console as well.

Login local, means that authentication uses locally configured credentials using the 

username <joebloggs> privilege <15> secret 0 password    command in global configuration mode

Hope this helps

Please remember to rate useful posts, by clicking on the stars below.

Can you leave the privilege level out for the default value? Also, what does the zero define after secret?

 

Configuring Enhanced Security Password

Command
Purpose
Step 1

Router(config)# username name secret 0 password

 

or

Router(config)# username name secret 5 encrypted-secret

Configures a username and encrypts a clear text password with MD5 encryption.


Configures a username and enters an MD5 encrypted text string which is stored as

Yes, to leave the privilege level out, just use the command : 

username Joe password cisco123

The number after secret in the command tells the hashing algorithm used by the device to store the password:

 username name secret 0 password

0 means the password doesn;t use an algorith, 5 means it used md5, 9 uses scrypt algorithm

Hi Dennis,

 

 

I made a mistake while configuring router 4451 line console 0 by adding login local anwithout adding any command before for username ....pass  command. And now I am locked out of router and its asking for username and password. What should I do?

Hi Adeebtaqui,

 

Have you configured  vty line? If so, we can access the router using telnet / ssh rather than Console.

 

After logging in, either we can create local usernames and password or we can replace login local with login based on requirement.

 

Regards,

Selva

Login uses only a password while the login local command requires the configuration of a username as well as a password. 

While configuring the cisco router with the login command under line vty 0, in case a password isn't set , the login command does not execute and instead the user is prompted with a  warning to set the password. 

However, if a username and password isn't set and login local command is executed, no warning is issued and once the user gets logged out of the device,a password recovery might be required.