[nsp] enable commands as non-enable user?
Todd, Douglas M.
DTODD@PARTNERS.ORG
Mon, 12 Aug 2002 15:56:42 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All:
username config privilege 5 password abcd
sh commands are
Exec commands:
<1-99> Session number to resume
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
clear Reset functions
connect Open a terminal connection
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
mrinfo Request neighbor and version information from a
multicast router
mstat Show statistics after multiple multicast
traceroutes
mtrace Trace reverse multicast path from destination to
source
name-connection Name an existing network connection
pad Open a X.29 PAD connection
ping Send echo messages
ppp Start IETF Point-to-Point Protocol (PPP)
resume Resume an active network connection
rlogin Open an rlogin connection
show Show running system information
slip Start Serial-line IP (SLIP)
systat Display information about terminal lines
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
tunnel Open a tunnel connection
udptn Open an udptn connection
where List active connections
x28 Become an X.28 PAD
x3 Set X.3 parameters on PAD
TEST#sh run
Building configuration...
Current configuration:
!
! Last configuration change at 15:53:42 EST Mon Aug 12 2002 by XXXXX
! NVRAM config last updated at 14:14:20 EST Mon Aug 12 2002 by XXXXX
!
!
!
!
end
HOWEVER:
Doing a sh startup dumps the the startup configuration.
==DMT>
- ----SIGNAURE-------
Douglas M. Todd, Jr.
CCNA, CCNP, CIT
Network Engineering
Partners Health Care
Building 149
149 13 Street
Charlestown, MA 02129-200
Tel: 617.726.1403
Email: dtodd@partners.org
- --------------------------------------------------------------------
PGP Finger Print: 9429 CAE3 B2D1 C2E1 DFBC E7A6 E90A 9BE5 C7B6 47BC
Key available via email.
Verisign S/N: 3ff65cdf58b9dceda004baeed49e16cf
https://digitalid.verisign.com/services/client/index.html
> -----Original Message-----
> From: Josh Duffek [mailto:jduffek@cisco.com]
> Sent: Monday, August 12, 2002 2:07 PM
> To: Bruce Campbell; cisco-nsp@puck.nether.net; Barry Bruins
> Subject: Re: [nsp] enable commands as non-enable user?
>
>
> just fyi...im 99% sure you cant do this for "sh run"...but i
> never tried for
> "sh config".
>
> joshd
>
> ----- Original Message -----
> From: "Barry Bruins" <bbruins@cisco.com>
> To: "Bruce Campbell" <bruce.campbell@ripe.net>;
> <cisco-nsp@puck.nether.net>
> Sent: Monday, August 12, 2002 12:24 PM
> Subject: Re: [nsp] enable commands as non-enable user?
>
>
> > Use the privilege command to set the show running-config to
> another level.
> >
> > Barry
> >
> > At 06:29 PM 8/12/2002 +0200, Bruce Campbell wrote:
> >
> > >Greetings,
> > >
> > >I'm wanting to allow a dedicated non-enabled user to be
> able to 'show
> > >conf' (run through all the routers and save the conf
> nightly). Is this
> > >possible via AAA (tacacs+)? ( the AAA overview on cco
> isn't that clear
> on
> > >whether this is possible or not)
> > >
> > >--==--
> > >Bruce.
> > >
> > >_______________________________________________
> > >cisco-nsp mailing list real_name)s@puck.nether.net
> > >http://puck.nether.net/mailman/listinfo/cisco-nsp
> > >archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
>
> _______________________________________________
> cisco-nsp mailing list real_name)s@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0
iQA/AwUBPVgS3wgiZycqTvq3EQIFLACeOeREE/H2PZZjEP8YBX8leEonS4cAoItW
xXcVAnZ9vY1dzbxACH63n0jx
=n4D/
-----END PGP SIGNATURE-----