Administrator Guide
• encryption-type: Enter 0 for plain text or 7 for encrypted text.
• password: Enter a string.
• privilege level The range is from 0 to 15.
To view usernames, use the show users command in EXEC Privilege mode.
Configuring the Enable Password Command
To configure the Dell Networking OS, use the enable command to enter EXEC Privilege level 15. After entering the command, the
system requests that you enter a password.
Privilege levels are not assigned to passwords, rather passwords are assigned to a privilege level. You can always change a password for
any privilege level. To change to a different privilege level, enter the
enable command, then the privilege level. If you do not enter a
privilege level, the default level 15 is assumed.
To configure a password for a specific privilege level, use the following command.
• Configure a password for a privilege level.
CONFIGURATION mode
enable password [level level] [encryption-mode] password
Configure the optional and required parameters:
• level level: Specify a level from 0 to 15. Level 15 includes all levels.
• encryption-type: Enter 0 for plain text or 7 for encrypted text.
• password: Enter a string.
To change only the password for the enable command, configure only the password parameter.
To view the configuration for the enable secret command, use the show running-config command in EXEC Privilege mode.
In custom-configured privilege levels, the enable command is always available. No matter what privilege level you use on the system, you
can enter the enable 15 command to access and configure all CLIs.
Obscuring Passwords and Keys
By default, the service password-encryption command stores encrypted passwords. For greater security, you can also use the
service obscure-passwords command to prevent a user from reading the passwords and keys, including RADIUS, TACACS+ keys,
router authentication strings, VRRP authentication by obscuring this information. Passwords and keys are stored encrypted in the
configuration file and by default are displayed in the encrypted form when the configuration is displayed. Enabling the service
obscure-passwords command displays asterisks instead of the encrypted passwords and keys. This command prevents a user from
reading these passwords and keys by obscuring this information with asterisks.
Password obscuring masks the password and keys for display only but does not change the contents of the file. The string of asterisks is
the same length as the encrypted string for that line of configuration. To verify that you have successfully obscured passwords and keys,
use the
show running-config command or show startup-config command.
If you are using role-based access control (RBAC), only the system administrator and security administrator roles can enable
the service obscure-password command.
To enable the obscuring of passwords and keys, use the following command.
• Turn on the obscuring of passwords and keys in the configuration.
CONFIGURATION mode
service obscure-passwords
Example of Obscuring Password and Keys
Dell(config)# service obscure-passwords
Configuring Custom Privilege Levels
In addition to assigning privilege levels to the user, you can configure the privilege levels of commands so that they are visible in different
privilege levels.
Within the Dell Networking OS, commands have certain privilege levels. With the privilege command, you can change the default level
or you can reset their privilege level back to the default.
• Assign the launch keyword (for example, configure) for the keyword’s command mode.
806
Security