Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
46417
Views
0
Helpful
8
Replies

Change Enable Password

Go to solution
laurabolda
Level 1
Level 1

‎05-19-2010 01:50 PM

We have ASA 5510, running 8.2 (2) IOS.  We want to change the enable password.  Is this the correct syntax?

enable password newpassword encrypted

Thanks.

Labels:
0 Helpful
5 Accepted Solutions

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-19-2010 02:00 PM 

laurabolda wrote:
We have ASA 5510, running 8.2 (2) IOS.  We want to change the enable password.  Is this the correct syntax?
enable password newpassword encrypted
Thanks.

Laura

The command references are the things to use when you need to know the syntax for a command -

ASA 8.2 command reference

note you only specify the "encrypted" keyword if the password you are entering is already encrypted ie. not clear text so you probably don't need it. See the command reference for full details.

Jon

View solution in original post

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Jon Marshall

‎05-19-2010 02:48 PM

Jon is absolutely right.

To configure a new enable password: "enable password ", and the password will automatically be encrypted.

You only need to add the "encrypted" keyword if your password is already in encrypted format, normally if you RMA the appliance, and just restoring the configuration that has the password encrypted, then you would just copy and paste that "enable password encrypted" line.

Hope that helps.

View solution in original post

0 Helpful

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to laurabolda

‎05-19-2010 07:12 PM

Laura,

To remove the telnet commands do a:

sh run telnet

and remove the commands.

The recommended access is via SSH.

Federico.

View solution in original post

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to laurabolda

‎05-20-2010 02:20 PM

Laura, you are absolutely correct.

If you just have the "telnet timeout 5" command, that means that telnet is already disabled.

You can safely remove the "passwd" statement.

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-19-2010 02:00 PM 

laurabolda wrote:
We have ASA 5510, running 8.2 (2) IOS.  We want to change the enable password.  Is this the correct syntax?
enable password newpassword encrypted
Thanks.

Laura

The command references are the things to use when you need to know the syntax for a command -

ASA 8.2 command reference

note you only specify the "encrypted" keyword if the password you are entering is already encrypted ie. not clear text so you probably don't need it. See the command reference for full details.

Jon

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Jon Marshall

‎05-19-2010 02:48 PM

Jon is absolutely right.

To configure a new enable password: "enable password ", and the password will automatically be encrypted.

You only need to add the "encrypted" keyword if your password is already in encrypted format, normally if you RMA the appliance, and just restoring the configuration that has the password encrypted, then you would just copy and paste that "enable password encrypted" line.

Hope that helps.

0 Helpful

Go to solution
laurabolda
Level 1
Level 1
In response to Jennifer Halim

‎05-19-2010 06:32 PM

Thanks Jon and Halijenn.  One more question:  I also have the "passwd" statement below enable password.  What is this "passwd" statement?   Is this "passwd" different from the Enable Password.   I do not see it in the Command Reference Guide.  For example, I have the following in the Config.

enable password hiKujhC12luem encrypted

passwd 2Kd3iekdIdI.2KPOU encrypted

Thank you.

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to laurabolda

‎05-19-2010 06:42 PM

passwd is telnet password to the ASA.

Here is the command reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/p.html#wp1913898

0 Helpful

Go to solution
laurabolda
Level 1
Level 1
In response to Jennifer Halim

‎05-19-2010 07:00 PM

Thanks for your prompt response, Halijenn.  I did not know the "passwd" statement is for telnet.  It must be installed by default.  So, I guess the default password would be "cisco".    That means I am able to telnet to the ASA, too and I did not know.   Would you recommend removing this telnet password since I already setup SSH?   Besides removing this "passwd" statement, do I also need to remove the telnet statement?

Thank you.

0 Helpful

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to laurabolda

‎05-19-2010 07:12 PM

Laura,

To remove the telnet commands do a:

sh run telnet

and remove the commands.

The recommended access is via SSH.

Federico.

0 Helpful

Go to solution
laurabolda
Level 1
Level 1
In response to Federico Coto Fajardo

‎05-20-2010 01:52 PM

Federico,

When I typed "sh run telnet", I got "telnet timeout 5".  Does it mean telnet is NOT allowed?

When I tried to telnet to the ASA, I got "connection to session XX.XXX.XXX.XX failed.  Connection timed out".  Does it mean telnet is NOT allowed?

So, is it OK to remove the passwd statement?

Thanks.

Laura

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to laurabolda

‎05-20-2010 02:20 PM

Laura, you are absolutely correct.

If you just have the "telnet timeout 5" command, that means that telnet is already disabled.

You can safely remove the "passwd" statement.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents