Cisco - Enable Password Protection
Introduction:
All of the commands were tested on ‘Cisco Packet Tracer’.
Simulating a Console Connection
Device Renaming (Option)
Router>enable
Router#configure terminal
Router(config)#hostname R1
| Command | Description |
|---|---|
| enable | Enter privilege EXEC mode, which provides access to all the commands in the Cisco IOS software. |
| configure terminal | Enter global configuration mode, which provides access to the configuration commands that affect the entire network device. |
| hostname R1 | Set the hostname of the device to “R1”. |
Setup Password
R1(config)#enable secret ccna
This command sets the enable secret password to “ccna”. The enable secret password is used to control access to privileged EXEC mode.
R1(config)#line console 0
R1(config-line)#password cisco
R1(config-line)#login #tell the device use password to connect the console
R1(config-line)#exit
R1(config)#service password-encryption #encryption the password
R1#exit
| Command | Description |
|---|---|
| line console 0 | Configure the settings for the console port. |
| password cisco | Set the password for the console port to “cisco”. |
| login | Enable login authentication on the console port. |
| exit | Exit from the current configuration mode. |
| service password-encryption | Encrypt all plaintext passwords, including the enable secret password and the console port password. |
R1(config)#exit
R1#write memory
| Command | Description |
|---|---|
| write memory | Save the configuration changes to the device’s non-volatile memory. |
| exit | Exit from the privilege EXEC mode and return to user EXEC mode. |
Verify Login Via Password
User Access Verification
Password: cisco
R1>enable
Password:ccna
Create Local Account
Create Console’s Account and Password
R1#enable
R1#configure terminal
R1(config)#username cisco secret ccna
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#end
R1>logout
| Command | Description |
|---|---|
| username cisco secret ccna | Create a user account with the username “cisco” and a secret password of “ccna”. |
| line console 0 | Configure the settings for the console port. |
| login local | Enable local authentication for login on the console port. |
| end | Exit from the current configuration mode and return to privileged EXEC mode. |
| logout | Logout from the current session and terminate the connection to the device. |
Verify Local Account Login
User Access Verification
Username:cisco
Password:ccna
R1>enable
Password:ccna
Remove Password Protection
R1>enable
R1#configure terminal
(Config)#no enable secret
| Command | Description |
|---|---|
| no enable secret | Remove the enable secret password from the device configuration. |
R1(config)#no username cisco
| Command | Description |
|---|---|
| no username cisco | Remove the user account with the username “cisco” from the device configuration. |
Setup the console port to time out
(config)#line console 0
(config-line)#exec-time 00 00
(config-line)#exec-time 02 30
| Command | Description |
|---|---|
| line console 0 | Configure the settings for the console port. |
| exec-time 00 00 | Set the console port to never time out. |
| exec-time 02 30 | Set the console port to time out after 2 hours and 30 minutes of inactivity. |
Prevents logging messages from interrupting command entry
(config)#line console 0
(config-line)#logging synchronous
| Command | Description |
|---|---|
| logging synchronous | Enable synchronous logging mode on the console port. |