BASIC - Configuring console password of a CISCO router

Posted by Unknown on 09:59 with No comments

BASIC - Configuring console password of a CISCO router

1. Enter global configuration mode of the CISCO router.
2. Put the command line console 0 to the router.
3. Provide the password by using password command. For example, if you want to put password "cisco" then the command will be password cisco.
4. At last, put the command login.

Commands for configuring console password

Router>enable
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#line console 0
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#


Why virtual terminal password is required?

Virtual terminal password refers to telnet password. Through telnet, you can access the router and can change anything. So, it's really important to protect the use of telnet by giving a strong password.
Configuring virtual terminal password of a CISCO router:

Different hardware has different no of vty lines defined. Cisco has the range 0 to 4 vty lines. It means it has 5 vty lines. You can set the password of vty lines by the following steps:

1. Enter global configuration mode of the CISCO router.
2. Put the command line vty 0 4 to the router.
3. Provide the password by using password command. For example, if you want to put password "cisco" then the command will be password cisco.
4. At last, put the command login.

Commands for configuring virtual terminal password

Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#


Why enable password is required?

Enable password is required to restrict the access of privileged EXEC mode.
Configuring enable password of a CISCO router:

From the global configuration mode, use the command enable password to restrict access to privileged EXEC mode. However, this password is visible in the routers configuration file. To encrypt the password, enable secret command is required. By using enable secret command the password is encrypted and can't be readable to a human.
Commands for configuring enable password

Enable password:

Router>enable
Router#config
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable password cisco
Router(config)#


Perform password encryption:

Router>enable
Router#config
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret cisco
Router(config)#

How to encrypt all the CISCO router password?

By default all the passwords of a CISCO router is readable in clear text in the configuration file. This is a great security threat if someone read it and configure or change the router configuration. So, to protect form display the password, service password-encryption command is used to encrypt the passwords. service password-encryption is a global command and encrypt the passwords:

* enable password
* console password
* vty password
* aux password

By following the above steps you can easily configure CISCO router passwords.
Categories: , ,