Support User Manuals

Cisco Systems DOC-7814982 Stereo System User Manual

Open as PDF

of 648

7-8

Catalyst 2950 Desktop Switch Software Configuration Guide

78-14982-01

Chapter 7 Administering the Switch

Protecting Access to Privileged EXEC Commands

To disable username authentication for a specific user, use the no username name global configuration

command. To disable password checking and allow connections without a password, use the no login

line configuration command.

Configuring Multiple Privilege Levels

By default, the IOS software has two modes of password security: user EXEC and privileged EXEC.

You can configure up to 16 hierarchical levels of commands for each mode. By configuring multiple

passwords, you can allow different sets of users to have access to specified commands.

For example, if you want many users to have access to the clear line command, you can assign it

level 2 security and distribute the level 2 password fairly widely. But if you want more restricted access

to the configure command, you can assign it level 3 security and distribute that password to a more

restricted group of users.

This section includes this configuration information:

• Setting the Privilege Level for a Command, page 7-8

• Changing the Default Privilege Level for Lines, page 7-9

• Logging into and Exiting a Privilege Level, page 7-10

Setting the Privilege Level for a Command

Beginning in privileged EXEC mode, follow these steps to set the privilege level for a command mode:

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

privilege mode level level command Set the privilege level for a command.

• For mode, enter configure for global configuration mode, exec for

EXEC mode, interface for interface configuration mode, or line for

line configuration mode.

• For level, the range is from 0 to 15. Level 1 is for normal user EXEC

mode privileges. Level 15 is the level of access permitted by the

enable password.

• For command, specify the command to which you want to restrict

access.

Step 3

enable password level level password Specify the enable password for the privilege level.

• For level, the range is from 0 to 15. Level 1 is for normal user EXEC

mode privileges.

• For password, specify a string from 1 to 25 alphanumeric characters.

The string cannot start with a number, is case sensitive, and allows

spaces but ignores leading spaces. By default, no password is

defined.

Step 4

end Return to privileged EXEC mode.

previous next