How to create User, Telnet, Console, and Enable passwords on a Cisco Switch? Cisco Switch is preferred for its advanced features and reliability in meeting business network needs. Designed to ensure secure and efficient network operation, a #Cisco Switch is a vital device. Before configuring a Cisco Router, the first step should be to change the default login credentials. To make the most of your Cisco device, it’s essential to know how to configure it properly, including setting up users, Telnet access, console access, and creating an enable password. By configuring these features correctly, you can ensure the security and privacy of your network.
Cisco Switch Entry Security Settings
a. Setting Up Cisco Console Password
This involves connecting to the device using a console cable and software like PuTTY. Knowing the device’s IP address is not necessary. By configuring console access and necessary settings, you can log in via console connection. By entering the configuration below, when you attempt to connect to the Cisco Router via console, a password prompt will appear.
- Router>enable
- Router#configure terminal
- Router(config)#line console 0
- Router(config-line)#password 654321 (Enter your desired password)
- Router(config-line)#exec-timeout 1 (Auto logout after 1 minute of inactivity)
- Router(config-line)#login
- Router(config-line)#exit
- Router(config)#end
- Router#write (Save the settings to the Switch)
The console password has been set. However, when we check the “show startup-config” command, the console password is visible. This poses a security risk regarding information confidentiality. To encrypt the console password, input the following commands into your Cisco Router:
- Router#enable
- Router#configure terminal
- Router(config)#service password-encryption
- Router(config)#end
- Router#write
By doing this, the console password will be encrypted. If you enter the “show startup-config” command again, you’ll notice that the password you entered is no longer visible.
b. Creating “Enable” Mode Password
This is one of the most commonly used access commands in Cisco devices. Two types of Enable passwords can be configured: Secret and Password. The difference between them is that when you use Secret, the password you use to enter enable mode will be encrypted and hidden. If you use Password, it may be visible in the command prompt. From a security perspective, it’s recommended to use Secret.
- Router>enable
- Router#configure terminal
- Router(config)#enable secret 654321 (To remove the password, use the command: no enable secret).
- Router(config)#end
- Router#write
You can create different user accounts for Router logins using:
- Router>enable
- Router#configure terminal
- Router(config)#username aykutaksu privilege 15 password 654321
Level 15: Full access to all commands, including reconfiguration.
Level 1: Read-only access, limited to certain commands like ping.
To delete a defined user account:
- Router>enable
- Router#configure terminal
- Router(config)#no username aykutaksu
c. Creating Cisco Telnet Password
Telnet uses TCP/IP protocol for remote connections, making it the riskiest connection method in terms of security. Setting a password is crucial. For Telnet logins, use the following password creation commands:
- Router>enable
- Router#configure terminal
- Router(config)#line vty 0 4
- Router(config-line)#password 654321
- Router(config-line)#exec-timeout 1 (Auto logout after 1 minute of inactivity)
- Router(config-line)#login
- Router(config-line)#end
- Router#write
By changing the default settings and encrypting the enable, console, and Telnet access on the Cisco Router, you’ve enhanced the security of your Cisco devices. Remember to use a strong password for these settings.
