Lab 1:2-Most secure way to assign privilege mode password on cisco switches
Most secure way to assign privilege mode password on cisco switches
Process Steps :
Configuration :
Step 1 : enable the Algorithm to use for hashing the plaintext 'enable' secret
Switch>en
Switch#configure terminal
Switch(config)#enable ?
algorithm-type Algorithm to use for hashing the plaintext 'enable' secret
last-resort Define enable action if no TACACS servers respond
password Assign the privileged level password (MAX of 25 characters)
secret Assign the privileged level secret (MAX of 25 characters)
use-tacacs Use TACACS to check enable passwords
Switch(config)#enable algorithm-type ?
md5 Encode the password using the MD5 algorithm
scrypt Encode the password using the SCRYPT hashing algorithm
sha256 Encode the password using the PBKDF2 hashing algorithm
Step 2 : Encode the password using the PBKDF2 hashing algorithm
Switch(config)#enable algorithm-type sha256 ?
secret Assign the privileged level secret (MAX of 25 characters)
Step 3 : Assign the privileged level secret
Switch(config)#enable algorithm-type sha256 secret ?
LINE The UNENCRYPTED (cleartext) 'enable' secret
level Set exec level password
Step 4: the assign the privilege level password
Switch(config)#enable algorithm-type sha256 secret ciscosw123
Switch(config)#do show run | i enable
enable secret 8 $8$1eJAiKuoBzLQI2$wi7qw83m/nIvf1mrNgILCE7zUu7me6bN5YKfoayyOo6
Verification :
Switch>enable
Password:
Switch#
Switch#show running-config | i enable
enable secret 8 $8$1eJAiKuoBzLQI2$wi7qw83m/nIvf1mrNgILCE7zUu7me6bN5YKfoayyOo6
Step 1 : enable the
Algorithm to use for hashing the plaintext 'enable' secret
Step 2 : Encode the
password using the PBKDF2 hashing algorithm
Step 3 : Assign the
privileged level secret
Step 4: the assign
the privilege level password
Configuration :
Step 1 : enable the Algorithm to use for hashing the plaintext 'enable' secret
Switch>en
Switch#configure terminal
Switch(config)#enable ?
algorithm-type Algorithm to use for hashing the plaintext 'enable' secret
last-resort Define enable action if no TACACS servers respond
password Assign the privileged level password (MAX of 25 characters)
secret Assign the privileged level secret (MAX of 25 characters)
use-tacacs Use TACACS to check enable passwords
Switch(config)#enable algorithm-type ?
md5 Encode the password using the MD5 algorithm
scrypt Encode the password using the SCRYPT hashing algorithm
sha256 Encode the password using the PBKDF2 hashing algorithm
Step 2 : Encode the password using the PBKDF2 hashing algorithm
Switch(config)#enable algorithm-type sha256 ?
secret Assign the privileged level secret (MAX of 25 characters)
Step 3 : Assign the privileged level secret
Switch(config)#enable algorithm-type sha256 secret ?
LINE The UNENCRYPTED (cleartext) 'enable' secret
level Set exec level password
Step 4: the assign the privilege level password
Switch(config)#enable algorithm-type sha256 secret ciscosw123
Switch(config)#do show run | i enable
enable secret 8 $8$1eJAiKuoBzLQI2$wi7qw83m/nIvf1mrNgILCE7zUu7me6bN5YKfoayyOo6
Verification :
Switch>enable
Password:
Switch#
Switch#show running-config | i enable
enable secret 8 $8$1eJAiKuoBzLQI2$wi7qw83m/nIvf1mrNgILCE7zUu7me6bN5YKfoayyOo6
No comments