Configuring Router Passwords
|
Rather Have Fast and Secure Remote
Control?
|
At the beginning of this chapter we configured our initial passwords using the System Configuration Dialog. In both real-life and on the exams, however, you will need to know how to configure passwords from the command line. Remember that by default, a router will usually have no passwords associated with it (some models do ship with default factory passwords, usually cisco), so this is something that you’ll definitely want to change. There are 5 main passwords associated with a Cisco router. These include:
Enable password. The enable password is used to restrict access to privileged EXEC mode on a Cisco router. Recall that enable passwords are not encrypted, meaning that they can be read in plain text via the configuration files from privileged EXEC mode. The enable password was used by older IOS versions, but has been superceded by the enable secret password, which is encrypted.
Enable secret password. The enable secret password also provides access to privileged EXEC mode on a Cisco router, but is stored in encrypted form using the Message Digest 5 (MD5) algorithm. On any Cisco router beyond IOS version 10.3, the enable secret password should always be used. In fact, you should probably ignore the enable password completely in favor of enable secret password. Again, when both are configured, only the enable secret password can be used to access privileged mode.
Console password. A console password is used to restrict access to a router’s physical console port. If a password is not associated with the console port, anyone can walk up to the router, plug in a rollover cable and create a session, gaining access to at least user EXEC mode.
Auxiliary password. Much like the console port, a password can also be used to restrict access to the auxiliary port, which may be configured to allow access via an external modem. Whether you’re using it or not, it’s always a good idea to set a password on this port.
Telnet password. As mentioned earlier, a Cisco router allows telnet sessions via what it considers to be virtual terminals. On a Cisco router running Standard Edition IOS software, a maximum of 5 virtual terminals are provided, named vty 0 through 4. On Enterprise Edition IOS versions, the number of possible virtual terminals is much higher, depending upon the version and platform.
Although the enable secret password is the only one encrypted by default, any of the passwords above can be encrypted as required. We’ll explore this after we learn how to assign passwords to interfaces.
Written by Dan DiNicolo - Visit Website
Next post in CCNA Study Guide Chapter 07:
Assigning Enable Passwords
Next post in Password Management:
Assigning Enable Passwords
Previous post in CCNA Study Guide Chapter 07:
Routing Protocol Configuration Mode
Previous post in Password Management:
Logging In and Logging Out with a Cisco Router
All Tutorials by Category:
- CCDA Study Guide
- CCNA Study Guide Chapter 01
- CCNA Study Guide Chapter 02
- CCNA Study Guide Chapter 03
- CCNA Study Guide Chapter 04
- CCNA Study Guide Chapter 05
- CCNA Study Guide Chapter 06
- CCNA Study Guide Chapter 07
- CCNA Study Guide Chapter 08
- CCNA Study Guide Chapter 09
- CCNA Study Guide Chapter 10
- CCNA Study Guide Chapter 11
- CCNA Study Guide Chapter 12
- Cognos
- Computer Hardware
A
C
D
E
F
G
H
I
L
M
N
Entire site Copyright © 1999-2007 2000Trainers.com, all rights reserved.
Content on this site may not be copied or reproduced in any way without permission.
