Solved: Re: how to change telnet password with aaa authentication method already configured switch 4507R

MAK6 · ‎03-15-2020

how i can change telnet password with aaa authentication method configured already with below config.

logging queue-limit 2000
logging buffered 16384 informational
logging rate-limit all 1000 except errors
no logging console
enable secret 4 xxxx
!
username xxxx privilege 15 password 7 xxxxx
aaa new-model
!
!
aaa authentication login default local
aaa authentication login VTY_authen local
aaa authorization console
aaa authorization exec default local
aaa authorization exec VTY_author local

line vty 0 4
exec-timeout 30 0
authorization exec VTY_author
logging synchronous
login authentication VTY_authen
transport input all
transport output all
line vty 5 15
exec-timeout 5 0
authorization exec VTY_author
logging synchronous
login authentication VTY_authen
transport input all
transport output all

ngkin2010 · ‎03-15-2020

Hi,

Your are highly recommended to remove the coded password from your post!! In which could be revert back to clear text easily.

username <REMOVE> privilege 15 password 7 <REMOVE>

---

Corresponding to your question, the line vty was configured to use "aaa login VTY_authen"

where VTY_authen is using local user database to authenticate user. You could simply change the password for local users:

username <USERNAME> privilege 15 secret <NEW_PASSWORD>

Then login telnet with the new username/password.

View solution in original post

ngkin2010 · ‎03-15-2020

Hi,

Your are highly recommended to remove the coded password from your post!! In which could be revert back to clear text easily.

username <REMOVE> privilege 15 password 7 <REMOVE>

---

Corresponding to your question, the line vty was configured to use "aaa login VTY_authen"

where VTY_authen is using local user database to authenticate user. You could simply change the password for local users:

username <USERNAME> privilege 15 secret <NEW_PASSWORD>

Then login telnet with the new username/password.

MAK6 · ‎03-15-2020

Hi ngkin,

Thanks for your reply..

Your solution bit works,as i want to change the password only and username will be the same old one.

regards

paul driver · ‎03-15-2020

@MAK6 wrote:

Your solution bit works,as i want to change the password only and username will be the same old one.

conf t
username <same username> privilege 15 password <new password>

However @ngkin2010 is correct suggest you should change from a clear text password to a md5 authentication one

conf t
no username <same username>
username <same username> privilege 15 secret <new password>

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Cristian Matei · ‎03-15-2020

Hi,

The VTY line telnet password is configured via "password" command, under "line vty". However, if you use username/password authentication, as you currently do, it means telnet is authenticated via username/password, so the line password is ignored. If you want to authenticate via line password by using AAA, do the following changes: