cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
778
Views
0
Helpful
7
Replies

passwords

jose.jimenez
Level 1
Level 1

How do I setup a password for router?

What's different about secret enable?

Will that allow me to login without username and use just a password?

2 Accepted Solutions

Accepted Solutions

Jagdeep Gambhir
Level 10
Level 10

Jose,=

Please follow these steps.

To set up local user and password,

Step 1 : Create Username and Password for the telnet session

Router#config t

Router(config)# username cisco password mike123

" in above example we are created cisco as the username and mike123 as password .

Step 2: Configure the Telnet session under line Vty lines .

Router#config t

Router(config)# line vty 0 4

Router(config)# login local

If you want to configure your router for the enable password as cisco , then follow,

Step 1 : Router#config t

Router(config)#enable password cisco

If you want to configure your router for the enable Secret password as cisco ,

Step 1: Router#config t

Router(config)#enable secret cisco

if you configured both enable and enable secret then only enable secret will be active.

If you don't that router should prompt for user name ,pwd then do not set up local user.

I hope so that these Steps will help you to configure the router.

Regards,

~JG

Please rate helpful posts

View solution in original post

JORGE RODRIGUEZ
Level 10
Level 10

Hi Jose, go over the bellow link to get an understanding of Cisco ios passwords and the history behind in using enable secrets and enable passwords.

The use of enable secret passwords simply provides more security as password are encrypted.

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00801d7efa.shtml

Also go over this link for IOS basic commands

including passwords, saving configurations

and different type of configuration modes on a router.

etc.

http://www.cisco.com/en/US/products/hw/routers/ps380/products_configuration_guide_chapter09186a0080118cd0.html#1018611

[edit]

If need to configure a username and directly go into router enable mode you can do:

router>#config t

router>(config)#username personsname privilege 15 password xxxxx

HTH

Jorge

Jorge Rodriguez

View solution in original post

7 Replies 7

Jagdeep Gambhir
Level 10
Level 10

Jose,=

Please follow these steps.

To set up local user and password,

Step 1 : Create Username and Password for the telnet session

Router#config t

Router(config)# username cisco password mike123

" in above example we are created cisco as the username and mike123 as password .

Step 2: Configure the Telnet session under line Vty lines .

Router#config t

Router(config)# line vty 0 4

Router(config)# login local

If you want to configure your router for the enable password as cisco , then follow,

Step 1 : Router#config t

Router(config)#enable password cisco

If you want to configure your router for the enable Secret password as cisco ,

Step 1: Router#config t

Router(config)#enable secret cisco

if you configured both enable and enable secret then only enable secret will be active.

If you don't that router should prompt for user name ,pwd then do not set up local user.

I hope so that these Steps will help you to configure the router.

Regards,

~JG

Please rate helpful posts

Thank you JG!!

JORGE RODRIGUEZ
Level 10
Level 10

Hi Jose, go over the bellow link to get an understanding of Cisco ios passwords and the history behind in using enable secrets and enable passwords.

The use of enable secret passwords simply provides more security as password are encrypted.

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00801d7efa.shtml

Also go over this link for IOS basic commands

including passwords, saving configurations

and different type of configuration modes on a router.

etc.

http://www.cisco.com/en/US/products/hw/routers/ps380/products_configuration_guide_chapter09186a0080118cd0.html#1018611

[edit]

If need to configure a username and directly go into router enable mode you can do:

router>#config t

router>(config)#username personsname privilege 15 password xxxxx

HTH

Jorge

Jorge Rodriguez

Thank you Jorge!

Richard Burts
Hall of Fame
Hall of Fame

Jose

In the implementation of IOS there is a password to get to user mode and an enable password to get to privilege mode (sometimes called enable mode). By default both of these passwords are entered in clear text and are stored in the config in clear text. Cisco provides the ability to encrypt these passwords using the service password-encryption.

However the encryption used is a fairly weak one and there are multiple sources for software that will break the encryption and recover the clear text password. So Cisco provided the ability to protect the password to privilege mode with strong encryption by configuring enable secret. So enable secret is designed to never be in the clear and to be protected by a strong encryption.

I am not sure that I understand the second part of your question. I am not sure whether you are asking about the ability to login (to user mode) without a username and only use a password or whether you are talking about login and get directly to privilege mode.

It is easy to login with a password (and no username) and go into user mode. This is the default behavior of IOS. If you configure a password on the vty lines (and configure login on the vty lines) then when you telnet to the router you will be prompted for a password and it will log you in without a user name.

If you want to login and go directly to privilege mode (without using AAA) you would want to configure login local under the vty lines which will prompt for a user name and a password. You need to configure at least one user name and password before you configure login local or you may lock yourself out of the router. In configuring the user name there is an optional parameter "privilege" and if you configure a user name with privilege 15 then that user will go directly into privilege mode. There is also a way to do this with AAA authorization but that is more complicated and can be discussed later.

HTH

Rick

HTH

Rick

Thanks Rick!

Thanks Rick!

Review Cisco Networking for a $25 gift card