Configuring Username And Password Pairs - Cisco Catalyst 3550 series Software Configuration Manual

Chapter 8 Configuring Switch-Based Authentication
Command
Step 7 show running-config
Step 8
copy running-config startup-config
To remove the password, use the no password global configuration command.
This example shows how to set the Telnet password to let45me67in89:
Switch(config)# line vty 10
Switch(config-line)# password let45me67in89

Configuring Username and Password Pairs

You can configure username and password pairs, which are locally stored on the switch. These pairs are
assigned to lines or interfaces and authenticate each user before that user can access the switch. If you
have defined privilege levels, you can also assign a specific privilege level (with associated rights and
privileges) to each username and password pair.
Beginning in privileged EXEC mode, follow these steps to establish a username-based authentication
system that requests a login username and a password:
Command
Step 1 configure terminal
Step 2
username name [privilege level]
{password encryption-type password}
Step 3 line console 0
or
line vty 0 15
Step 4
login local
Step 5
end
Step 6 show running-config
Step 7 copy running-config startup-config
78-11194-09
Purpose
Verify your entries.
The password is listed under the command line vty 0 15.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Enter the username, privilege level, and password for each user.
• For name, specify the user ID as one word. Spaces and quotation
marks are not allowed.
• (Optional) For level, specify the privilege level the user has after
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 1 gives user EXEC mode access.
For encryption-type, enter 0 to specify that an unencrypted password
•
will follow. Enter 7 to specify that a hidden password will follow.
For password, specify the password the user must enter to gain access
•
to the switch. The password must be from 1 to 25 characters, can
contain embedded spaces, and must be the last option specified in the
username command.
Enter line configuration mode, and configure the console port (line 0) or
the VTY lines (line 0 to 15).
Enable local password checking at login time. Authentication is based on
the username specified in Step 2.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Catalyst 3550 Multilayer Switch Software Configuration Guide
Protecting Access to Privileged EXEC Commands
8-7