[c-nsp] 3550 switch password question

Joe Maimon jmaimon at ttec.com
Sat Dec 6 20:08:12 EST 2008



Jen Linkova wrote:
> On Sat, Dec 6, 2008 at 4:47 AM, chloe K <chloekcy2000 at yahoo.ca> wrote:
>>  1/ When I boot up the switch, the switch can be accessed by console without password in user mode
>>
>>  ls it normal?
> 
> Absolutely. It's a default configuration which allows you to access
> the switch and configure it.
> You need to configure authentication as well as other options before
> placing the switch in the production environment.

You wont have network access to it until you configure authentication.

Skip the passwords on the vty lines, just configure aaa with local user 
accounts

> 
>>  2/ I use the following guidline to setup the password.
>>  What is the different between "enable secret" and "enable password"
>>  which one is super usermode?

In IOS, passwords arent secret. So use secret.

> 
> The difference is an encryption algorithm. It's recommended to use
> 'enable secret' (and don't forget 'service password encryption'
> command ;-)
> 
> http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html#wp1000927
> 


More information about the cisco-nsp mailing list