This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
tech:network:cisco:privilege-level-exec:privilege-level-exec [2019/08/15 18:22] wnoguchi |
tech:network:cisco:privilege-level-exec:privilege-level-exec [2019/08/18 14:24] (current) wnoguchi |
||
---|---|---|---|
Line 14: | Line 14: | ||
Cisco 1841 15.1(4)M10 | Cisco 1841 15.1(4)M10 | ||
+ | |||
+ | ===== Configuration ===== | ||
<code> | <code> | ||
configure terminal | configure terminal | ||
! | ! | ||
- | username test01 privilege 10 secret test01 | + | username user1 secret snakeoil |
- | username test02 privilege 15 secret test02 | + | username user2 privilege 10 secret godisexist |
+ | username user3 privilege 15 secret superman | ||
+ | ! | ||
+ | enable secret level 10 middle | ||
+ | enable secret god | ||
! | ! | ||
interface FastEthernet 0/0 | interface FastEthernet 0/0 | ||
ip address 10.0.8.123 255.255.255.0 | ip address 10.0.8.123 255.255.255.0 | ||
+ | no shutdown | ||
+ | ! | ||
+ | privilege exec level 10 configure terminal | ||
+ | privilege exec level 10 show running-config | ||
+ | privilege exec level 10 show startup-config | ||
+ | ! input later | ||
+ | privilege exec level 1 show | ||
! | ! | ||
line vty 0 15 | line vty 0 15 | ||
Line 32: | Line 45: | ||
end | end | ||
</code> | </code> | ||
+ | |||
+ | ==== Verification ==== | ||
++++ Console Log | | ++++ Console Log | | ||
<code> | <code> | ||
- | wnoguchi@kozue:~$ telnet 10.0.8.123 | + | wnoguchi@kotone:~$ telnet 10.0.8.123 |
Trying 10.0.8.123... | Trying 10.0.8.123... | ||
Connected to 10.0.8.123. | Connected to 10.0.8.123. | ||
Line 44: | Line 59: | ||
User Access Verification | User Access Verification | ||
- | Username: test01 | + | Username: user1 |
- | Password: | + | Password: |
- | R1#conf t | + | % Login invalid |
- | ^ | + | |
- | % Invalid input detected at '^' marker. | + | |
- | R1#sh clock | + | Username: user1 |
- | 22:54:58.456 UTC Wed Aug 14 2019 | + | Password: |
- | R1#cop | + | R1>en |
- | R1#copy sta | + | Password: |
- | R1#copy star | + | Password: |
- | R1#copy running-config startup-config | + | Password: |
- | ^ | + | % Bad secrets |
+ | |||
+ | R1>sh priv | ||
+ | ^ | ||
% Invalid input detected at '^' marker. | % Invalid input detected at '^' marker. | ||
- | R1#? | + | R1>sh ? |
- | Exec commands: | + | % Unrecognized command |
- | <1-99> Session number to resume | + | R1>en |
- | access-enable Create a temporary Access-List entry | + | Password: |
- | access-profile Apply user-profile to interface | + | R1#sh priv |
- | clear Reset functions | + | Current privilege level is 15 |
- | connect Open a terminal connection | + | R1#conf t |
- | crypto Encryption related commands. | + | Enter configuration commands, one per line. End with CNTL/Z. |
- | disable Turn off privileged commands | + | R1(config)#^Z |
- | disconnect Disconnect an existing network connection | + | |
- | emm Run a configured Menu System | + | |
- | enable Turn on privileged commands | + | |
- | ethernet Ethernet parameters | + | |
- | exit Exit from the EXEC | + | |
- | help Description of the interactive help system | + | |
- | ips Intrusion Prevention System | + | |
- | lat Open a lat connection | + | |
- | lig LISP Internet Groper | + | |
- | lock Lock the terminal | + | |
- | login Log in as a particular user | + | |
- | logout Exit from the EXEC | + | |
- | modemui Start a modem-like user interface | + | |
- | mrinfo Request neighbor and version information from a multicast router | + | |
- | mstat Show statistics after multiple multicast traceroutes | + | |
- | mtrace Trace reverse multicast path from destination to source | + | |
- | name-connection Name an existing network connection | + | |
- | pad Open a X.29 PAD connection | + | |
- | ping Send echo messages | + | |
- | ppp Start IETF Point-to-Point Protocol (PPP) | + | |
- | radius radius exec commands | + | |
- | release Release a resource | + | |
- | renew Renew a resource | + | |
- | resume Resume an active network connection | + | |
- | rlogin Open an rlogin connection | + | |
- | set Set system parameter (not config) | + | |
- | show Show running system information | + | |
- | slip Start Serial-line IP (SLIP) | + | |
- | ssh Open a secure shell client connection | + | |
- | systat Display information about terminal lines | + | |
- | tclquit Quit Tool Command Language shell | + | |
- | telnet Open a telnet connection | + | |
- | terminal Set terminal line parameters | + | |
- | tn3270 Open a tn3270 connection | + | |
- | traceroute Trace route to destination | + | |
- | trm Trend Registration Module | + | |
- | tunnel Open a tunnel connection | + | |
- | udptn Open an udptn connection | + | |
- | where List active connections | + | |
- | x28 Become an X.28 PAD | + | |
- | x3 Set X.3 parameters on PAD | + | |
R1#logout | R1#logout | ||
Connection closed by foreign host. | Connection closed by foreign host. | ||
- | wnoguchi@kozue:~$ telnet 10.0.8.123 | + | wnoguchi@kotone:~$ telnet 10.0.8.123 |
Trying 10.0.8.123... | Trying 10.0.8.123... | ||
Connected to 10.0.8.123. | Connected to 10.0.8.123. | ||
Line 119: | Line 93: | ||
User Access Verification | User Access Verification | ||
- | Username: test02 | + | Username: user1 |
- | Password: | + | Password: |
+ | R1>en 10 | ||
+ | Password: | ||
+ | Password: | ||
+ | R1#sh priv | ||
+ | Current privilege level is 10 | ||
+ | R1#sh ru | ||
+ | R1#sh running-config | i user | ||
+ | ! Last configuration change at 05:12:06 UTC Sun Aug 18 2019 by user1 | ||
+ | R1#sh running-config | ||
+ | Building configuration... | ||
+ | |||
+ | Current configuration : 122 bytes | ||
+ | ! | ||
+ | ! Last configuration change at 05:12:06 UTC Sun Aug 18 2019 by user1 | ||
+ | boot-start-marker | ||
+ | boot-end-marker | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | end | ||
+ | |||
+ | R1#sh sta | ||
+ | R1#sh star | ||
+ | R1#sh startup-config | ||
+ | Using 974 out of 196600 bytes | ||
+ | ! | ||
+ | ! Last configuration change at 23:13:13 UTC Wed Aug 14 2019 | ||
+ | version 15.1 | ||
+ | service timestamps debug datetime msec | ||
+ | service timestamps log datetime msec | ||
+ | no service password-encryption | ||
+ | ! | ||
+ | hostname R1 | ||
+ | ! | ||
+ | boot-start-marker | ||
+ | boot-end-marker | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | no aaa new-model | ||
+ | ! | ||
+ | dot11 syslog | ||
+ | ip source-route | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ip cef | ||
+ | no ip domain lookup | ||
+ | no ipv6 cef | ||
+ | ! | ||
+ | multilink bundle-name authenticated | ||
+ | ! | ||
+ | crypto pki token default removal timeout 0 | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | license udi pid CISCO1841 sn FHK1107102U | ||
+ | ! | ||
+ | redundancy | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | interface FastEthernet0/0 | ||
+ | ip address dhcp | ||
+ | duplex auto | ||
+ | speed auto | ||
+ | ! | ||
+ | interface FastEthernet0/1 | ||
+ | no ip address | ||
+ | shutdown | ||
+ | duplex auto | ||
+ | speed auto | ||
+ | ! | ||
+ | interface Serial0/0/0 | ||
+ | no ip address | ||
+ | shutdown | ||
+ | no fair-queue | ||
+ | clock rate 2000000 | ||
+ | ! | ||
+ | ip forward-protocol nd | ||
+ | no ip http server | ||
+ | no ip http secure-server | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | control-plane | ||
+ | ! | ||
+ | ! | ||
+ | ! | ||
+ | line con 0 | ||
+ | exec-timeout 0 0 | ||
+ | logging synchronous | ||
+ | line aux 0 | ||
+ | line vty 0 4 | ||
+ | login | ||
+ | transport input all | ||
+ | ! | ||
+ | scheduler allocate 20000 1000 | ||
+ | end | ||
+ | |||
+ | R1#sh priv | ||
+ | Current privilege level is 10 | ||
R1#conf t | R1#conf t | ||
Enter configuration commands, one per line. End with CNTL/Z. | Enter configuration commands, one per line. End with CNTL/Z. | ||
R1(config)#^Z | R1(config)#^Z | ||
- | R1#copy running-config startup-config | + | R1#en 15 |
- | Destination filename [startup-config]? no | + | Password: |
- | %Error copying nvram:no (Invalid argument) | + | R1#sh priv |
- | R1#copy running-config startup-config | + | Current privilege level is 15 |
- | Destination filename [startup-config]? | + | R1#en |
- | Building configuration... | + | R1#sh run | i user |
- | [OK] | + | ! Last configuration change at 05:14:12 UTC Sun Aug 18 2019 by user1 |
- | R1# | + | username user1 secret 5 $1$3uCj$mX0bA7ydlvu8hW4iIU47d. |
- | </code> | + | username user2 privilege 10 secret 5 $1$ZRsH$6bnNLeYHu6UkaIaFMMf0n1 |
+ | username user3 privilege 15 secret 5 $1$KNnH$J70NyIsXID5SozkHnYtWI. | ||
+ | R1#logout | ||
+ | Connection closed by foreign host. | ||
+ | wnoguchi@kotone:~$ telnet 10.0.8.123\ | ||
+ | > ^C | ||
+ | wnoguchi@kotone:~$ telnet 10.0.8.123 | ||
+ | Trying 10.0.8.123... | ||
+ | Connected to 10.0.8.123. | ||
+ | Escape character is '^]'. | ||
- | <code> | + | User Access Verification |
- | R1>sh privilege | + | |
- | Current privilege level is 1 | + | Username: user2 |
- | R1>en | + | Password: |
- | R1#sh privil | + | R1#sh priv |
- | R1#sh privilege | + | Current privilege level is 10 |
- | Current privilege level is 15 | + | |
R1#conf t | R1#conf t | ||
Enter configuration commands, one per line. End with CNTL/Z. | Enter configuration commands, one per line. End with CNTL/Z. | ||
- | R1(config)#userna | + | R1(config)#privi |
- | R1(config)#username test01 pri | + | R1(config)#privil |
- | R1(config)#username test01 privilege 10 se | + | R1(config)#priv |
- | R1(config)#username test01 privilege 10 secret test01sec | + | R1(config)#privi |
- | R1(config)#username test02 pri | + | R1(config)#privile |
- | R1(config)#username test02 privilege 15 secret test02sec | + | R1(config)#privile |
- | R1(config)#do sh run | i username | + | R1(config)#priv? |
- | username test01 privilege 10 secret 5 $1$Sntk$uitgUJVuNr6NsGLk0F/J.1 | + | % Unrecognized command |
- | username test02 privilege 15 secret 5 $1$dDvR$Zl/vSUBDcTQaFJUh1em3k. | + | R1(config)#int f0/0 |
- | R1(config)#line | + | ^ |
- | R1(config)#line vty 0 15 | + | |
- | R1(config-line)#log | + | |
- | R1(config-line)#logi | + | |
- | R1(config-line)#login lo | + | |
- | R1(config-line)#login local | + | |
- | R1(config-line)#exit | + | |
- | R1(config)#lin | + | |
- | R1(config)#line conso | + | |
- | R1(config)#disable | + | |
- | ^ | + | |
% Invalid input detected at '^' marker. | % Invalid input detected at '^' marker. | ||
- | R1(config)# | ||
- | R1(config)# | ||
- | R1(config)# | ||
R1(config)#^Z | R1(config)#^Z | ||
- | R1# | + | R1#enable |
- | *Aug 15 02:16:09.987: %SYS-5-CONFIG_I: Configured from console by console | + | Password: |
+ | R1#sh priv | ||
+ | Current privilege level is 15 | ||
R1#disable | R1#disable | ||
R1>logout | R1>logout | ||
- | + | Connection closed by foreign host. | |
- | + | wnoguchi@kotone:~$ telnet 10.0.8.123 | |
- | + | Trying 10.0.8.123... | |
- | + | Connected to 10.0.8.123. | |
- | + | Escape character is '^]'. | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | R1 con0 is now available | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | Press RETURN to get started. | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | R1>en | + | |
- | R1#conf t | + | |
- | Enter configuration commands, one per line. End with CNTL/Z. | + | |
- | R1(config)#int f0/0 | + | |
- | R1(config-if)#ip address 10.0.8.123 255.255.255.0 | + | |
- | R1(config-if)#no shut | + | |
- | R1(config-if)#do ping 10.0.8.254 | + | |
- | Type escape sequence to abort. | + | |
- | Sending 5, 100-byte ICMP Echos to 10.0.8.254, timeout is 2 seconds: | + | |
- | !!!!! | + | |
- | Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms | + | |
- | R1(config-if)#exit | + | |
- | R1(config)#line console 0 | + | |
- | R1(config-line)#logi | + | |
- | R1(config-line)#login local | + | |
- | R1(config-line)#logout | + | |
- | % Incomplete command. | + | |
- | + | ||
- | R1(config-line)#exit | + | |
- | R1(config)#exit | + | |
- | R1#logout | + | |
- | *Aug 15 02:24:06.911: %SYS-5-CONFIG_I: Configured from console by console | + | |
- | R1#logout | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | R1 con0 is now available | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | Press RETURN to get started. | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
User Access Verification | User Access Verification | ||
- | Username: test02 | + | Username: user3 |
Password: | Password: | ||
- | R1#sh pri | ||
R1#sh priv | R1#sh priv | ||
- | R1#sh privilege | ||
Current privilege level is 15 | Current privilege level is 15 | ||
- | R1# | + | R1#conf t |
- | </code> | + | Enter configuration commands, one per line. End with CNTL/Z. |
- | + | R1(config)#pri | |
- | <code> | + | R1(config)#privi |
- | wnoguchi@kozue:~$ telnet 10.0.8.123 | + | R1(config)#privilege exe le |
+ | R1(config)#privilege exec leve | ||
+ | R1(config)#privilege exec level 1 show | ||
+ | R1(config)#^Z | ||
+ | R1#logout | ||
+ | Connection closed by foreign host. | ||
+ | wnoguchi@kotone:~$ telnet 10.0.8.123 | ||
Trying 10.0.8.123... | Trying 10.0.8.123... | ||
Connected to 10.0.8.123. | Connected to 10.0.8.123. | ||
Escape character is '^]'. | Escape character is '^]'. | ||
- | |||
User Access Verification | User Access Verification | ||
- | Username: test01 | + | Username: user1 |
Password: | Password: | ||
- | R1#configu | + | R1>sh priv |
- | R1#configure terminal | + | Current privilege level is 1 |
- | ^ | + | R1>logout |
- | % Invalid input detected at '^' marker. | + | |
- | + | ||
- | R1#era | + | |
- | R1#erase | + | |
- | R1#erase startup-config | + | |
- | ^ | + | |
- | % Invalid input detected at '^' marker. | + | |
- | + | ||
- | R1#sh run | i user | + | |
- | ^ | + | |
- | % Invalid input detected at '^' marker. | + | |
- | + | ||
- | R1#sh clock | + | |
- | *02:22:24.691 UTC Thu Aug 15 2019 | + | |
- | R1#sh privi | + | |
- | R1#sh privilege | + | |
- | Current privilege level is 10 | + | |
- | R1#logout | + | |
Connection closed by foreign host. | Connection closed by foreign host. | ||
+ | wnoguchi@kotone:~$ | ||
</code> | </code> | ||
- | |||
- | ++++ | ||
<code> | <code> | ||
Line 358: | Line 310: | ||
R1# | R1# | ||
</code> | </code> | ||
- | |||
- | <code> | ||
- | configure terminal | ||
- | ! | ||
- | privilege exec level 10 configure | ||
- | enable password level 10 Cisco55 | ||
- | ! | ||
- | end | ||
- | </code> | ||
- | |||
- | ++++ Console Log | | ||
<code> | <code> | ||
Line 453: | Line 394: | ||
eigrp_af_classic_submode Address Family configuration mode | eigrp_af_classic_submode Address Family configuration mode | ||
| | ||
- | R1(config)#privilege sho | ||
- | R1(config)#privilege int | ||
- | R1(config)#privilege inter | ||
- | R1(config)#privilege interface | ||
- | R1(config)#privilege interface ? | ||
- | all All suboption will be set to the samelevel | ||
- | level Set privilege level of command | ||
- | reset Reset privilege level of command | ||
- | |||
- | R1(config)#privilege exe | ||
- | R1(config)#privilege exec leve | ||
- | R1(config)#privilege exec level ? | ||
- | <0-15> Privilege level | ||
- | |||
- | R1(config)#privilege exec level 10 ? | ||
- | LINE Initial keywords of the command to modify | ||
- | |||
- | R1(config)#privilege exec level 10 confi? | ||
- | LINE <cr> | ||
- | |||
- | R1(config)#privilege exec level 10 configure | ||
- | R1(config)#en | ||
- | R1(config)#enab | ||
- | R1(config)#enable se | ||
- | R1(config)#enable secret ? | ||
- | 0 Specifies an UNENCRYPTED password will follow | ||
- | 5 Specifies a MD5 HASHED secret will follow | ||
- | 8 Specifies a PBKDF2 HASHED secret will follow | ||
- | 9 Specifies a SCRYPT HASHED secret will follow | ||
- | LINE The UNENCRYPTED (cleartext) 'enable' secret | ||
- | level Set exec level password | ||
- | |||
- | R1(config)#enable secret le | ||
- | R1(config)#enable passwo | ||
- | R1(config)#enable password leve | ||
- | R1(config)#enable password level 10 Cisco55 | ||
- | % Converting to a secret. Please use "enable secret" in the future. | ||
- | |||
- | R1(config)#no enable password level 10 Cisco55 | ||
- | R1(config)#enable secret level 10 Cisco55 | ||
- | R1(config)#end | ||
- | R1# | ||
- | *Aug 15 02:57:50.031: %SYS-5-CONFIG_I: Configured from console by test02 on console | ||
- | R1#logout | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
+ | </code> | ||
+ | ===== Jump to privileged exec mode immediately ===== | ||
+ | this is useful for verification use. | ||
+ | <code> | ||
+ | configure terminal | ||
+ | ! | ||
+ | interface FastEthernet 0/0 | ||
+ | ip address 10.0.8.123 255.255.255.0 | ||
+ | no shutdown | ||
+ | ! | ||
+ | line vty 0 15 | ||
+ | login | ||
+ | privilege level 15 | ||
+ | password iamgod | ||
+ | ! | ||
+ | line console 0 | ||
+ | login | ||
+ | privilege level 15 | ||
+ | password iamgod | ||
+ | ! | ||
+ | end | ||
+ | </code> | ||
+ | ==== Verification ==== | ||
+ | <code> | ||
R1 con0 is now available | R1 con0 is now available | ||
Line 540: | Line 435: | ||
- | |||
- | |||
- | |||
- | |||
- | User Access Verification | ||
- | |||
- | Username: test01 | ||
- | Password: | ||
- | R1#sh run | ||
- | ^ | ||
- | % Invalid input detected at '^' marker. | ||
- | |||
- | R1#conf t | ||
- | ^ | ||
- | % Invalid input detected at '^' marker. | ||
- | |||
- | R1#configure | ||
- | Configuring from terminal, memory, or network [terminal]? | ||
- | Enter configuration commands, one per line. End with CNTL/Z. | ||
- | R1(config)#inter | ||
- | R1(config)#int f0/0 | ||
- | ^ | ||
- | % Invalid input detected at '^' marker. | ||
- | |||
- | R1(config)#? | ||
- | Configure commands: | ||
- | beep Configure BEEP (Blocks Extensible Exchange Protocol) | ||
- | call Configure Call parameters | ||
- | default Set a command to its defaults | ||
- | end Exit from configure mode | ||
- | exit Exit from configure mode | ||
- | help Description of the interactive help system | ||
- | license Configure license features | ||
- | netconf Configure NETCONF | ||
- | no Negate a command or set its defaults | ||
- | oer Optimized Exit Routing configuration submodes | ||
- | pfr Performance Routing configuration submodes | ||
- | sasl Configure SASL | ||
- | wsma Configure Web Services Management Agents | ||
- | |||
- | R1(config)#end | ||
- | R1# | ||
- | *Aug 15 02:59:09.111: %SYS-5-CONFIG_I: Configured from console by test01 on console | ||
- | R1#configure terminal | ||
- | ^ | ||
- | % Invalid input detected at '^' marker. | ||
- | |||
- | R1#enable | ||
- | R1#configure terminal | ||
- | Enter configuration commands, one per line. End with CNTL/Z. | ||
- | R1(config)#^Z | ||
- | R1# | ||
- | *Aug 15 02:59:39.775: %SYS-5-CONFIG_I: Configured from console by test01 on console | ||
- | R1#disable | ||
- | R1>sh privilege | ||
- | Current privilege level is 1 | ||
- | R1>enable | ||
- | R1#sh privilege | ||
- | Current privilege level is 15 | ||
- | R1#disable | ||
- | R1>logout | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | R1 con0 is now available | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | Press RETURN to get started. | ||
Line 652: | Line 446: | ||
User Access Verification | User Access Verification | ||
- | Username: test01 | ||
Password: | Password: | ||
- | R1#sh pri | + | R1#sh priv |
- | R1#sh privi | + | Current privilege level is 15 |
- | R1#sh privilege | + | |
- | Current privilege level is 10 | + | |
R1#conf t | R1#conf t | ||
- | ^ | ||
- | % Invalid input detected at '^' marker. | ||
- | |||
- | R1#configure | ||
- | Configuring from terminal, memory, or network [terminal]? | ||
Enter configuration commands, one per line. End with CNTL/Z. | Enter configuration commands, one per line. End with CNTL/Z. | ||
- | R1(config)#^Z | + | R1(config)#^Z |
+ | R1#sh r | ||
+ | *Aug 18 05:23:34.630: %SYS-5-CONFIG_I: Configured from console by console | ||
+ | R1#sh run | i priv | ||
+ | username user2 privilege 10 secret 5 $1$ZRsH$6bnNLeYHu6UkaIaFMMf0n1 | ||
+ | username user3 privilege 15 secret 5 $1$KNnH$J70NyIsXID5SozkHnYtWI. | ||
+ | privilege exec level 10 configure terminal | ||
+ | privilege exec level 10 configure | ||
+ | privilege exec level 10 show startup-config | ||
+ | privilege exec level 10 show running-config | ||
+ | privilege exec level 1 show | ||
+ | privilege level 15 | ||
+ | privilege level 15 | ||
+ | privilege level 15 | ||
R1# | R1# | ||
- | *Aug 15 03:00:31.163: %SYS-5-CONFIG_I: Configured from console by test01 on console | ||
- | R1#conf t | ||
- | ^ | ||
- | % Invalid input detected at '^' marker. | ||
- | |||
- | R1#enable | ||
- | R1#sh privi | ||
- | R1#sh privilege | ||
- | Current privilege level is 15 | ||
- | R1#en | ||
- | R1#enable ? | ||
- | <0-15> Enable level | ||
- | view Set into the existing view | ||
- | <cr> | ||
- | |||
- | R1#enable 10 | ||
- | R1#sh pri | ||
- | R1#sh privi | ||
- | R1#sh privilege | ||
- | Current privilege level is 10 | ||
- | R1#conf t | ||
- | ^ | ||
- | % Invalid input detected at '^' marker. | ||
- | |||
- | |||
- | </code> | ||
- | |||
- | ++++ | ||
- | |||
- | ===== Jump to privileged exec mode immediately ===== | ||
- | |||
- | <code> | ||
- | configure terminal | ||
- | ! | ||
- | line vty 0 15 | ||
- | privilege level 15 | ||
- | login | ||
- | ! important!! | ||
- | password test03 | ||
- | ! | ||
- | end | ||
- | </code> | ||
- | |||
- | <code> | ||
- | Trying 10.0.8.123... | ||
- | Connected to 10.0.8.123. | ||
- | Escape character is '^]'. | ||
- | |||
- | User Access Verification | ||
- | |||
- | Password: | ||
- | R1#conf t | ||
- | Enter configuration commands, one per line. End with CNTL/Z. | ||
- | R1(config)#^Z | ||
- | R1#sh priv | ||
- | Current privilege level is 15 | ||
- | R1#logout | ||
- | Connection closed by foreign host. | ||
</code> | </code> | ||
Line 733: | Line 474: | ||
- [[https://www.infraexpert.com/study/aaaz09.html|Cisco IOS - privilege levelとprivilege execの設定]] | - [[https://www.infraexpert.com/study/aaaz09.html|Cisco IOS - privilege levelとprivilege execの設定]] | ||
+ | - [[https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/m1/sec-m1-cr-book/sec-cr-p2.html#wp7303105770|Cisco IOS Security Command Reference: Commands M to R - ppp accounting through quit [Support & Downloads] - Cisco]] | ||
+ | - [[http://www.n-study.com/network/2006/09/cisco_telnet_1.html|Ciscoデバイスの管理 Telnetによるリモート管理 その1 (ネットワークのおべんきょしませんか? Cisco CCNA/CCNP/CCIE、ネットワークスペシャリスト試験の勉強にピッタリ)]] | ||