Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
485
Views
0
Helpful
4
Replies

enable secret command

D@1984
Level 1
Level 1

‎12-31-2024 11:56 AM

Hi,

If I understand correctly, in below command, we use the "line password" method for authentication and if it fails then try enable password as the second method.

#aaa authentication login default line enable

so as long as I have:

#line vty 0 4

#password cisco

 If I ssh and provide the correct password, I should be able to get authenticated, but why would this fail if I miss global command: enable password ....  in my config?

Thanks

 

 

Labels:
0 Helpful
4 Replies 4

Flavio Miranda
VIP
VIP

‎12-31-2024 01:02 PM - edited ‎12-31-2024 01:03 PM

D@1984 

I dont think this command "#aaa authentication login default line enable" exist. 

And I dont think enable is fallback for line vty.

 

" If I ssh and provide the correct password, I should be able to get authenticated, but why would this fail if I miss global command: enable password ....  in my config?"

If you provide the correct password you might be able to login in user mode. And, if have not  set the enable password and you try to move to enable, you will get the following message

% No password set.

 

 

 

0 Helpful

D@1984
Level 1
Level 1
In response to Flavio Miranda

‎12-31-2024 03:34 PM

thanks, the command does exist. and I know we get the error but what I'm trying to understand is  it asks for a password while for example I ssh to the device, I have to put the password which is configured under vty line but then why do I need the 'enable password' command. 

0 Helpful

Flavio Miranda
VIP
VIP
In response to D@1984

‎12-31-2024 04:27 PM - edited ‎12-31-2024 04:31 PM

It Will depend on How you set the aaa 

The enable password Will be used to elevate privilege with the command enable.

If you do not set the user privilege as 15, you need to use enable to enter in privilege mode

 

0 Helpful

paul driver
VIP
VIP

‎01-01-2025 01:11 AM - edited ‎01-01-2025 03:33 AM

Hello

D@1984 wrote:

#aaa authentication login default line enable


If AAA is used as above then the user will gain access to only user exec mode of the rtr via the set line vty password, no further access into privilege exec mode will be granted unless the enable secret/password has be set also.

However IF no line password isnt set then access will failover to whatever password is set for the enable secret/password feature, this then again can be also used to gain access into privilege exec mode


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents