Cisco device – local credentials
September 19, 2015
This post collects some notes on locally stored Cisco usernames, passwords and privileges.
- there are 16 privilege levels on a Cisco device (from 0 to 15)
- by default, when you type the enable command you get into level 15 (all commands allowed)
- for every level you can specify a password and a secret password. The secret takes precedence.
- for every level you can specify which commands are allowed
- you can define a username and its password
- for every user you can define a privilege level (the default level when the user logs in)
- you enable the username/password login feature with the login local command
The following example:
- defines privilege level 3, which allows the configure command to be entered within exec mode
- defines a password for privilege level 3
- defines a username with a password; the user is given privilege level 3
- enables login with username/password on the console line
```
ap(config)#
ap(config)# privilege exec level 3 configure
ap(config)# enable password level 3 SecretPswd3
ap(config)#
ap(config)# username lukas privilege 3 password 0 mypass
ap(config)# line console 0
ap(config-line)# login local
ap(config-line)#
```
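To review a saved configuration for the settings covered above, the following added example (not part of the original post) parses the privilege, enable, username and login local commands and reports which credential is effective per level and which ones are stored in cleartext. The function name and the sample `enable secret` line with its placeholder hash are assumptions made for the illustration; the level defaults used (15 for enable, 1 for a user without a privilege keyword) are the IOS defaults.

```python
import re

# Constructed sample: the commands from the example above, plus a hypothetical
# "enable secret" line (placeholder hash) so that precedence is visible.
SAMPLE_CONFIG = """\
privilege exec level 3 configure
enable password level 3 SecretPswd3
enable secret level 3 5 $1$EXAMPLE$placeholderhash
username lukas privilege 3 password 0 mypass
line console 0
 login local
"""

def audit_local_credentials(config):
    """Summarise privilege levels, local users and login lines; list weak settings."""
    levels, users, local_login, findings = {}, {}, [], []
    current_line = None
    for raw in config.splitlines():
        text = raw.strip()
        if m := re.match(r"privilege (\S+) level (\d+) (.+)", text):
            entry = levels.setdefault(int(m[2]), {"commands": [], "auth": set()})
            entry["commands"].append(f"{m[1]}: {m[3]}")
        elif m := re.match(r"enable (password|secret)(?: level (\d+))?\s", text):
            # Without "level N" the enable credential applies to level 15.
            entry = levels.setdefault(int(m[2] or 15), {"commands": [], "auth": set()})
            entry["auth"].add(m[1])
        elif m := re.match(r"username (\S+)(?: privilege (\d+))? (password|secret) (?:(\d+) )?\S", text):
            # A user without "privilege N" logs in at level 1.
            users[m[1]] = {"level": int(m[2] or 1), "kind": m[3], "type": m[4]}
            if m[3] == "password" and m[4] in (None, "0"):
                findings.append(f"user {m[1]}: password stored in cleartext (type 0)")
        elif m := re.match(r"line (.+)", text):
            current_line = m[1]
        elif text == "login local" and current_line:
            local_login.append(current_line)
    for number, entry in sorted(levels.items()):
        # When both are configured, the secret is the one that is checked.
        entry["effective"] = ("secret" if "secret" in entry["auth"]
                              else "password" if "password" in entry["auth"] else None)
        if entry["effective"] == "password":
            findings.append(f"level {number}: enable password without enable secret")
    return {"levels": levels, "users": users, "local_login": local_login,
            "findings": findings}

if __name__ == "__main__":
    print(audit_local_credentials(SAMPLE_CONFIG))
```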