• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 94
  • Last Modified:

Cisco: how to encrypt line console password only?

From my understanding "service password-encryption"  command encrypts all the password on the running config.  

How do you encrypt just the line con 0 password  ?
0
Jung Torres
Asked:
Jung Torres
  • 2
  • 2
  • 2
  • +1
1 Solution
 
Jan SpringerCommented:
I can't say for sure.  But have you tried:

Turn on service password-encryption.  Turn off service password-encryption.  Reconfigure your other passwords but leave that one alone.
0
 
Hello ThereSystem AdministratorCommented:
As far as I understand Cisco commands, service password-encryption command will encrypt all plain text passwords such as the line passwords or the enable password no matter what.

If you like, you can only encrypt the enable password and let the line password "unencrypted".

More here.
0
 
Hello ThereSystem AdministratorCommented:
Also you might try to use levels. I have never applied it as you require but you can give it a try.
Router(config)# privilege mode level level
command-string

Configures the specified privilege level to allow
access to the specified command.
Step 2 Router(config)# enable secret level level {0 |5}
password-string

Sets the password for the specified privilege level.
This is the password users will enter after entering the
enable level command to access the specified level.
0 indicates an unencrypted password string
follows; 5 indicates an encrypted password string
follows.

More here.
0
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

 
Pete LongTechnical ConsultantCommented:
I'm not altogether sure you can? just use AAA then theres no passwords there at all.
0
 
Jan SpringerCommented:
I believe that once password encryption is turned off, that the passwords retain the encrypted information.  So the author should be able to turn it on, turn it off, and reset the other passwords.
0
 
buckethead34Commented:
Use secret vs service password encryption, if you just google crack Cisco password encryption there are a ton of sites out there that you can decrypt a level 7 password encryption.
0
 
buckethead34Commented:
Or make sure you use password-encryption aes
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now