Cisco IOS/Associate a user with default higher privileges


Basic Example:

  • username MY_USER secret MY_PASSWORD or username MY_USER password MY_PASSWORD


Router#config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#username MY_USERNAME_1 privilege 5
Router(config)#username MY_USERNAME_2 privilege 15
Router(config)#^Z
Router#

https://www.oreilly.com/library/view/hardening-cisco-routers/0596001665/ch04.html


Example with error:

Router(config)#username MY_USER privilege 15 password MY_PASSWORD
 WARNING: Command has been added to the configuration using a type 0 password. However, type 0 passwords will soon be deprecated. Migrate to a supported password type


Enable Type 9 passwords for username MY_USERNAME_1

edit

Read first: https://learningnetwork.cisco.com/docs/DOC-27166

R1(config)#username MY_USERNAME_1 algorithm-type scrypt secret MY_PASSWORD
R1(config)#

Error in case user where already created with password option:

R1(config)#username MY_USERNAME_1 algorithm-type scrypt secret MY_PASSWORD
ERROR: Can not have both a user password and a user secret.
Please choose one or the other.

Delete user

edit
R1(config)#no username USERNAME_TO_DELETE
This operation will remove all username related configurations with same name.Do you want to continue? [confirm]


Activities

edit
  1. Configure a user with public key access Cisco IOS/Configure public RSA key authentication
  2. Learn about different Cisco Router Password Types: https://learningnetwork.cisco.com/docs/DOC-27166
  3. List users: show running-config | inc username
  4. Delete a user with no username USERNAME_TO_DELETE command

See also

edit