System information
ISR Overview and Providing Secure Administrative Access 89
To configure a password for a router’s console, the administrator enters line configuration
mode for con 0 and specifies a password with the password command. Then, to force
console connections to require a password, the login command is issued, as shown in
Example 3-2.
Similarly, you can set a password for the auxiliary port. Enter line configuration mode for
aux 0 and specify a password and require a login, like the console port configuration
illustrated in Example 3-3.
In addition to physically connecting to a router via the console or auxiliary port,
administrators can connect to a router using a Telnet or SSH connection. Instead of
connecting to physical ports, these types of connections use virtual ports. Specifically, by
default a router has five virtual tty lines (that is, “vty”), vty 0 to vty 4, over which
administrators can remotely connect. Similar to the console and auxiliary ports, passwords
can be assigned to these vty lines, as shown in Example 3-4.
Example 3-1 Setting the Enable Secret Password
R1(config)# ee
ee
nn
nn
aa
aa
bb
bb
ll
ll
ee
ee
ss
ss
ee
ee
cc
cc
rr
rr
ee
ee
tt
tt
CC
CC
ii
ii
ss
ss
cc
cc
00
00
PP
PP
rr
rr
33
33
$$
$$
$$
$$
R1(config)# ee
ee
nn
nn
dd
dd
R1# ss
ss
hh
hh
oo
oo
ww
ww
rr
rr
uu
uu
nn
nn
nn
nn
ii
ii
nn
nn
gg
gg
--
--
cc
cc
oo
oo
nn
nn
ff
ff
ii
ii
gg
gg
!
hostname R1
!
enable secret 5 $1$kmOB$rL419kUxmQphzVVTgO4sP1
!
Example 3-2 Setting the Console Password
R1(config)# ll
ll
ii
ii
nn
nn
ee
ee
cc
cc
oo
oo
nn
nn
00
00
R1(config-line)# pp
pp
aa
aa
ss
ss
ss
ss
ww
ww
oo
oo
rr
rr
dd
dd
11
11
mm
mm
AA
AA
$$
$$
33
33
cc
cc
rr
rr
33
33
tt
tt
R1(config-line)# ll
ll
oo
oo
gg
gg
ii
ii
nn
nn
Example 3-3 Setting the Auxiliary Port Password
R1(config)# ll
ll
ii
ii
nn
nn
ee
ee
aa
aa
uu
uu
xx
xx
00
00
R1(config-line)# pp
pp
aa
aa
ss
ss
ss
ss
ww
ww
oo
oo
rr
rr
dd
dd
@@
@@
uu
uu
xx
xx
PP
PP
@@
@@
$$
$$
$$
$$
ww
ww
00
00
rr
rr
dd
dd
R1(config-line)# ll
ll
oo
oo
gg
gg
ii
ii
nn
nn
Example 3-4 Setting the vty Line Password
R1(config)# ll
ll
ii
ii
nn
nn
ee
ee
vv
vv
tt
tt
yy
yy
00
00
44
44
R1(config-line)# ll
ll
oo
oo
gg
gg
ii
ii
nn
nn
R1(config-line)# pp
pp
aa
aa
ss
ss
ss
ss
ww
ww
oo
oo
rr
rr
dd
dd
MM
MM
yy
yy
PP
PP
@@
@@
$$
$$
$$
$$
ww
ww
00
00
rr
rr
dd
dd