Solved

Not prompted for password on Cisco UC520 via SSH

Posted on 2010-09-22
6
904 Views
Last Modified: 2013-12-27
I have a UC520,  I've created users on it via CLI, set the Enabled/Secret passwords etc.. yet when I SSH in I can literally just type in any username for any user that exists on the system and it logs me right in to #.  It doesn't even prompt for a password.   This is obviously a huge security risk and being a bit hesitant to post my config and leave some identifying information in it I'm hoping that someone could point me in a direction.

0
Comment
Question by:ZooyorQ
  • 3
  • 3
6 Comments
 
LVL 3

Expert Comment

by:uniplast
ID: 33741237
You can give different privileges to users that you define.
At this link is explained in detail how it works

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftprienh.html
0
 

Author Comment

by:ZooyorQ
ID: 33741266
So if I lower the privilege to say 1 from its current 15 users will be prompted with a password to access privileged commands?
0
 
LVL 3

Expert Comment

by:uniplast
ID: 33741292
Yes, but  lowest level of access is 0
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Comment

by:ZooyorQ
ID: 33741826
Even with a high privilege shouldn't the user be prompted for their password though?
0
 
LVL 3

Accepted Solution

by:
uniplast earned 500 total points
ID: 33741998
Login Authentication Using Enable Password

Use the aaa authentication login command with the enable method keyword to specify the enable password as the login authentication method. For example, to specify the enable password as the method of user authentication at login when no other method list has been defined, enter the following command:

aaa authentication login default enable


Before you can use the enable password as the login authentication method, you need to define the enable password. For more information about defining enable passwords, refer to the chapter "Configuring Passwords and Privileges."

More about this is on link
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfathen.html
0
 

Author Comment

by:ZooyorQ
ID: 33746511
The solution was changing the aaa authentication default to enable, it was currently set to none.  Thanks!
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

So you think no one can listen in on your VOIP conversations, eh? Well... if you haven't setup Secure Real Time Transport (SRTP), your voice communications can be hacked into by just about anyone! First, let's talk about the intended audience for…
There are no good configuration guides for HP-H3C router to LYNC on the web. :( Big statement, but we havent been able to find one yet. We did find the following document useful, but the information was not enough to use H3C router for use as a L…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now