Low privilege account creation

vipinrajrc · ‎08-22-2011

Hi Experts,

I need to create a low privilege account, just to view only show commands. I already have created a full privilege account (local username) and binded with the telnet line. also enable password is there.

I tried by creating a enable password with level1 priviliege.

please provide a suitable suggestion.

Thanks

Vipin

Thanks and Regards, Vipin

lgijssel · ‎08-22-2011

Please check this link:

http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html

regards,

Leo

Latchum Naidu · ‎08-22-2011

Hi Vipin,

See the below example configs.

#username six privilege 6 password 0 six

privilege exec level 6 show running

As per above config user six is able to Telnet in and execute the show run command, but the resulting configuration is virtually blank because this user cannot configure anything (configure terminal is at level 8, not at level 6). The user is not permitted to see usernames and passwords of the other users, or to see Simple Network Management Protocol (SNMP) information.

Please rate the helpful posts.
Regards,
Naidu.

vipinrajrc · ‎08-23-2011

Hi,

I just need to create privilege level with the following commands

show running-config

sh ip int brief

sh cdp neighbors

ping

traceroute

sh interface

sh ip route

I tried with the level6, but from show run there is nothing .

Is there any special meaning to the levels? Why you specify level 6?? Why not level 5 or level 7?????

That is my doubt... is there any special meaning for different levels????

Thanks

Vipin

Thanks and Regards, Vipin

narendrakumar1987in · ‎08-22-2011

Dear Vipin,

Creating "views" is a good option..

http://www.fir3net.com/Router/Cisco-Router/creating-cli-views-on-a-cisco-router.html

Thank you

Naren