Passwords are used
to restrict access to a CISCO router. Passwords can be given to the virtual
terminal lines and the console line. Moreover, password can be set privileged
EXEC mode. This page will provide the information to set up CISCO router password to virtual terminal lines, console lines and
privileged mode. Even more, you will learn how to encrypt the password also.
Why console
password is required?
Console password
is useful on a network on which multiple people have to access to the router.
The persons who are not authorized, can't access the router. Thus it prevents
unauthorized person from accessing the router.
- Enter global configuration mode of the CISCO router.
- Put the command line console 0 to the router.
- Provide the password by using password command. For example, if you want to put password "cisco" then the command will be password cisco.
- At last, put the command login.
Commands for
configuring console password
Router>enable
Router#config t
Enter
configuration commands, one per line.
End with CNTL/Z.
Router(config)#line
console 0
Router(config-line)#password
cisco
Router(config-line)#login
Router(config-line)#
Why virtual
terminal password is required?
Virtual terminal
password refers to telnet password. Through telnet, you can access the router
and can change anything. So, it's really important to protect the use of telnet
by giving a strong password.
Configuring
virtual terminal password of a CISCO router:
Different hardware
has different no of vty lines defined. Cisco has the range 0 to 4 vty lines. It means
it has 5 vty lines. You can set the password of vty lines by the following
steps:
- Enter global configuration mode of the CISCO router.
- Put the command line vty 0 4 to the router.
- Provide the password by using password command. For example, if you want to put password "cisco" then the command will be password cisco.
- At last, put the command login.
Commands for
configuring virtual terminal password
Router>enable
Router#configure
terminal
Enter
configuration commands, one per line. End with CNTL/Z.
Router(config)#line
vty 0 4
Router(config-line)#password
cisco
Router(config-line)#login
Router(config-line)#
Why enable
password is required?
Enable password is
required to restrict the access of privileged EXEC mode.
Configuring
enable password of a CISCO router:
From the global
configuration mode, use the command enable password to restrict access
to privileged EXEC mode. However, this password is visible in the routers
configuration file. To encrypt the password, enable secret command is
required. By using enable secret command the password is encrypted and can't be
readable to a human.
Commands for
configuring enable password
Enable
password:
Router>enable
Router#config
Router#configure
terminal
Enter
configuration commands, one per line.
End with CNTL/Z.
Router(config)#enable
password cisco
Router(config)#
Perform
password encryption:
Router>enable
Router#config
Router#configure
terminal
Enter
configuration commands, one per line.
End with CNTL/Z.
Router(config)#enable
secret cisco
Router(config)#
How to encrypt
all the CISCO router password?
By default all the
passwords of a CISCO router is readable in clear text in the configuration
file. This is a great security threat if someone read it and configure or
change the router configuration. So, to protect form display the password, service
password-encryption command is used to encrypt the passwords. Service
password-encryption is a global command and encrypt the passwords:
- enable password
- console password
- vty password
- aux password
By following the
above steps you can easily configure CISCO router passwords.
More Cisco ROUTER INFO: http://blog.router-switch.com/
No comments:
Post a Comment