Cisco - Enable Password Protection#
Introduction:#
All of the commands were tested on ‘Cisco Packet Tracer’.
Simulating a Console Connection#
Device Renaming (Option)#
1
2
3
| Router>enable
Router#configure terminal
Router(config)#hostname R1
|
| Command | Description |
|---|
| enable | Enter privilege EXEC mode, which provides access to all the commands in the Cisco IOS software. |
| configure terminal | Enter global configuration mode, which provides access to the configuration commands that affect the entire network device. |
| hostname R1 | Set the hostname of the device to “R1”. |
Setup Password#
1
| R1(config)#enable secret ccna
|
This command sets the enable secret password to “ccna”. The enable secret password is used to control access to privileged EXEC mode.
1
2
3
4
5
6
| R1(config)#line console 0
R1(config-line)#password cisco
R1(config-line)#login #tell the device use password to connect the console
R1(config-line)#exit
R1(config)#service password-encryption #encryption the password
R1#exit
|
| Command | Description |
|---|
| line console 0 | Configure the settings for the console port. |
| password cisco | Set the password for the console port to “cisco”. |
| login | Enable login authentication on the console port. |
| exit | Exit from the current configuration mode. |
| service password-encryption | Encrypt all plaintext passwords, including the enable secret password and the console port password. |
1
2
| R1(config)#exit
R1#write memory
|
| Command | Description |
|---|
| write memory | Save the configuration changes to the device’s non-volatile memory. |
| exit | Exit from the privilege EXEC mode and return to user EXEC mode. |
Verify Login Via Password#
User Access Verification
Password: cisco
Password:ccna
Create Local Account#
Create Console’s Account and Password
1
2
3
4
5
6
7
| R1#enable
R1#configure terminal
R1(config)#username cisco secret ccna
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#end
R1>logout
|
| Command | Description |
|---|
| username cisco secret ccna | Create a user account with the username “cisco” and a secret password of “ccna”. |
| line console 0 | Configure the settings for the console port. |
| login local | Enable local authentication for login on the console port. |
| end | Exit from the current configuration mode and return to privileged EXEC mode. |
| logout | Logout from the current session and terminate the connection to the device. |
Verify Local Account Login#
User Access Verification
Username:cisco
Password:ccna
Password:ccna
Remove Password Protection#
1
2
3
| R1>enable
R1#configure terminal
(Config)#no enable secret
|
| Command | Description |
|---|
| no enable secret | Remove the enable secret password from the device configuration. |
1
| R1(config)#no username cisco
|
| Command | Description |
|---|
| no username cisco | Remove the user account with the username “cisco” from the device configuration. |
Setup the console port to time out
1
2
3
| (config)#line console 0
(config-line)#exec-time 00 00
(config-line)#exec-time 02 30
|
| Command | Description |
|---|
| line console 0 | Configure the settings for the console port. |
| exec-time 00 00 | Set the console port to never time out. |
| exec-time 02 30 | Set the console port to time out after 2 hours and 30 minutes of inactivity. |
Prevents logging messages from interrupting command entry
1
2
| (config)#line console 0
(config-line)#logging synchronous
|
| Command | Description |
|---|
| logging synchronous | Enable synchronous logging mode on the console port. |
Reference:#
