Table of Contents
Advertisement
Protecting Access to Privileged EXEC Commands
To configure encryption for enable and enable secret passwords, follow these steps, beginning in
privileged EXEC mode:
Command
Step 1
configure terminal
Step 2
enable password [level level] {password |
encryption-type encrypted-password}
or
enable secret [level level] {password |
encryption-type encrypted-password}
Step 3
service password-encryption
Step 4
end
Step 5
copy running-config startup-config
If both the enable and enable secret passwords are defined, users must enter the enable secret password.
Use the level keyword to define a password for a specific privilege level. After you specify the level and
set a password, give the password only to users who need to have access at this level. To specify
commands accessible at various levels, use the privilege level command in global configuration mode.
For more information, see the
If you enable password encryption, it applies to all passwords, including username passwords,
authentication key passwords, the privileged command password, and console and virtual terminal line
passwords.
To remove a password and level, use the no enable password [level level] or no enable secret [level
level] command in global configuration mode. To disable password encryption, use the no service
password-encryption command in global configuration mode.
Cisco 3200 Series Wireless MIC Software Configuration Guide
8
Purpose
Enters global configuration mode.
Defines a new password or change an existing password for
access to privileged EXEC mode.
or
Defines a secret password, which is saved using a
nonreversible encryption method.
•
(Optional) For level, the range is from 0 to 15. Level 1 is
normal user EXEC mode privileges. The default level is
15 (privileged EXEC mode privileges).
For password, specify a string from 1 to 25
•
alphanumeric characters. The string cannot start with a
number, it is case sensitive, and it allows spaces but
ignores leading spaces. By default, no password is
defined.
•
(Optional) For encryption-type, only type 5, a Cisco
proprietary encryption algorithm, is available. If you
specify an encryption type, you must provide an
encrypted password—an encrypted password that you
copy from another WMIC configuration.
If you specify an encryption type and then enter a
Note
clear text password, you can not reenter privileged
EXEC mode. You cannot recover a lost encrypted
password by any method.
(Optional) Encrypt the password when the password is
defined or when the configuration is written.
Encryption prevents the password from being readable in the
configuration file.
Returns to privileged EXEC mode.
(Optional) Saves your entries in the configuration file.
"Configuring Multiple Privilege Levels" section on page
Administering the WMIC
10.
Hide quick links:
Advertisement
Table of Contents
