Cisco: how to encrypt line console password only?

From my understanding "service password-encryption"  command encrypts all the password on the running config.  

How do you encrypt just the line con 0 password  ?
Jung TorresAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jan SpringerCommented:
I can't say for sure.  But have you tried:

Turn on service password-encryption.  Turn off service password-encryption.  Reconfigure your other passwords but leave that one alone.
0
Hello ThereSystem AdministratorCommented:
As far as I understand Cisco commands, service password-encryption command will encrypt all plain text passwords such as the line passwords or the enable password no matter what.

If you like, you can only encrypt the enable password and let the line password "unencrypted".

More here.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Hello ThereSystem AdministratorCommented:
Also you might try to use levels. I have never applied it as you require but you can give it a try.
Router(config)# privilege mode level level
command-string

Configures the specified privilege level to allow
access to the specified command.
Step 2 Router(config)# enable secret level level {0 |5}
password-string

Sets the password for the specified privilege level.
This is the password users will enter after entering the
enable level command to access the specified level.
0 indicates an unencrypted password string
follows; 5 indicates an encrypted password string
follows.

More here.
0
Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Pete LongTechnical ConsultantCommented:
I'm not altogether sure you can? just use AAA then theres no passwords there at all.
0
Jan SpringerCommented:
I believe that once password encryption is turned off, that the passwords retain the encrypted information.  So the author should be able to turn it on, turn it off, and reset the other passwords.
0
buckethead34Commented:
Use secret vs service password encryption, if you just google crack Cisco password encryption there are a ton of sites out there that you can decrypt a level 7 password encryption.
0
buckethead34Commented:
Or make sure you use password-encryption aes
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.