Cisco Systems OL-6426-02 Benutzerhandbuch
A-5
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Appendix A Cisco IOS Software Basic Skills
Enable Secret Passwords and Enable Passwords
Enable Secret Passwords and Enable Passwords
By default, the router ships without password protection. Because many privileged EXEC commands are
used to set operating parameters, you should password-protect these commands to prevent unauthorized
use.
used to set operating parameters, you should password-protect these commands to prevent unauthorized
use.
You can use two commands to do this:
•
enable secret password—A very secure, encrypted password
•
enable password—A less secure, unencrypted local password
Both the enable and enable secret passwords control access to various privilege levels (0 to 15). The
enable password is intended for local use and is thus unencrypted. The enable secret password is
intended for network use; that is, in environments where the password crosses the network or is stored
on a TFTP server. You must enter an enable secret or enable password with a privilege level of 1 to gain
access to privileged EXEC mode commands.
enable password is intended for local use and is thus unencrypted. The enable secret password is
intended for network use; that is, in environments where the password crosses the network or is stored
on a TFTP server. You must enter an enable secret or enable password with a privilege level of 1 to gain
access to privileged EXEC mode commands.
For maximum security, the passwords should be different. If you enter the same password for both during
the setup process, your router accepts the passwords, but warns you that they should be different.
the setup process, your router accepts the passwords, but warns you that they should be different.
An enable secret password can contain from 1 to 25 uppercase and lowercase alphanumeric characters.
An enable password can contain any number of uppercase and lowercase alphanumeric characters. In
both cases, a number cannot be the first character. Spaces are also valid password characters; for
example, two words is a valid password. Leading spaces are ignored; trailing spaces are recognized.
An enable password can contain any number of uppercase and lowercase alphanumeric characters. In
both cases, a number cannot be the first character. Spaces are also valid password characters; for
example, two words is a valid password. Leading spaces are ignored; trailing spaces are recognized.
Entering Global Configuration Mode
To make any configuration changes to your router, you must be in global configuration mode. This
section describes how to enter global configuration mode while using a terminal or PC that is connected
to your router console port.
section describes how to enter global configuration mode while using a terminal or PC that is connected
to your router console port.
To enter global configuration mode, follow these steps:
Step 1
After your router boots up, enter the enable or enable secret command:
Router> enable
Step 2
If you have configured your router with an enable password, enter it when you are prompted.
The enable password does not appear on the screen when you enter it. This example shows how to enter
privileged EXEC mode:
privileged EXEC mode:
Password: enable_password
Router#
Privileged EXEC mode is indicated by the # in the prompt. You can now make changes to your router
configuration.
configuration.
Step 3
Enter the configure terminal command to enter global configuration mode:
Router# configure terminal
Router(config)#
You can now make changes to your router configuration.