Access passwords are set for the privileged exec mode and user entry point such as console, aux, and virtual lines. The privileged exec mode passwordis the most critical password, since it controls access to the configuration mode.
Step 1: Configure the privileged exec password.
Cisco IOS supports two commands that set access to the privilegedexec mode. One command, enable password, contains weak cryptography and should never be used if the enable secret command is available. The enable secret command uses a very secure MD5 cryptographichash algorithm. Cisco says “As far as anyone at Cisco knows, it is impossible to recover an enable secret based on the contents of a configuration file (other than by obvious dictionary attacks).”Password security relies on the password algorithm, and the password. . In production environments, strong passwords should be used at all times. A strong password consists of at least nine characters ofupper and lower case letters, numbers, and symbols. In a lab environment, we will use weak passwords.
Set the privileged exec password to cisco.
Router1(config)# enable secret cisco
Router1(config)#Step 2: Configure the console password.
Set the console access password to class. The console password controls console access to the router.
Router1(config)# line console 0
What is the command to remove the console password? _____________________________
Step 3: Configure the virtual line password.
Set the virtual lineaccess password to class. The virtual line password controls Telnet access to the router. In early Cisco IOS versions, only five virtual lines could be set, 0 through 4. In newer Cisco IOS versions, thenumber has been expanded. Unless a telnet password is set, access on that virtual line is blocked.
Router1(config-line)# line vty 0 4
Router1(config-line)# password class