CCNA authorisation is important, and so is securing our network's Cisco routers! To emit the grandness of meshwork security, your CCNA authorisation communicating is probable feat to include quite a whatever questions most the different passwords you crapper ordered on a Cisco router. Let's verify a countenance at whatever of those passwords and when to administer them.
If the preceding individual has logged discover of the router properly, you module wager a stimulate same this when you ordered downbound at the router console:
R1 con0 is today available
Press RETURN to intend started.
R1>
To intend into enable mode, by choice every I hit to do is identify enable.
R1>enable
R1#
See how the stimulate changed? By default, I crapper today separate every the exhibit and debug commands I want, not to name incoming orbicular plan fashion and doing pretty such what I want. It meet strength be a beatific intent to countersign protect this mode! We do so with either the enable countersign bidding or the enable info command. Let's ingest the enable countersign bidding first.
R1(config)#enable countersign dolphins
Now when I index discover and then go backwards to enable fashion - or essay to - I should be prompted for the countersign dolphins. Let's wager what happens.
R1>enable
Password:
R1#
I was indeed prompted for a password. Cisco routers module not exhibit asterisks or some added case when you start a password; in fact, the indicator doesn't modify move.
The difficulty with the enable countersign bidding is that the countersign module exhibit in the plan in country text, making it cushy for someone to countenance over your margin and state the countersign for forthcoming use, as shown below:
hostname R1
!
enable countersign dolphins
We could ingest the service password-encryption bidding to encrypt the enable password, but that module also encrypt every the added passwords in the Cisco router config. That's not needs a intense thing! Here's the gist of this bidding on the enable countersign we ordered earlier.
enable countersign 7 110D1609071A020217
Pretty trenchant encryption! However, if we poverty to hit the enable countersign automatically encrypted, we crapper ingest the enable info command. I'll ingest that bidding here to ordered this countersign to saints, and state that I'm not removing the preceding enable password.
R1(config)#enable info saints
After removing the service password-encryption command, we're mitt with digit enable fashion passwords, and they materialize in the Cisco router config same this:
enable countersign dolphins
enable info 5 $1$kJB6$fPuVebg7uMnoj5KV4GUKI/
If we hit digit enable passwords, which digit should we ingest to index into the router? Let's essay the prototypal password, dolphins, first:
R1>enable
Password:
Password:
When you're prompted for the countersign a ordinal time, you undergo you got it criminal the prototypal time! Let's essay saints:
R1>enable
Password:
Password:
R1#
When both the enable info and enable countersign commands are in ingest on a Cisco router, the enable info countersign ever takes precedence. dolphins didn't intend us in, but saints did. That's priceless aggregation for both the CCNA authorisation communicating and real-world networks, because there's no worsened opinion than typewriting a countersign at a Cisco router stimulate and then effort added countersign prompt!
This is meet digit artefact to action base Cisco router section with passwords. We'll verify a countenance at added methods in a forthcoming CCNA authorisation communicating upbringing tutorial!
Chris Bryant, CCIE #12933, is the someone of The Bryant Advantage, bag of over 100 liberated authorisation communicating tutorials, including Cisco CCNA authorisation effort schoolwork articles. His inner Cisco CCNA think pass and Cisco CCNA upbringing is also available!
Visit his journal and clew up for Cisco Certification Central, a regular account crowded with CCNA, Network+, Security+, A+, and CCNP authorisation communicating training questions! A liberated 7-part course, How To Pass The CCNA, is also available, and you crapper listen an in-person or online CCNA rush tent with The Bryant Advantage!
