Table of Contents
Advertisement
Configuring the Enable Password Command
To configure the Dell Networking OS, use the enable command to enter EXEC Privilege level 15. After
entering the command, the system requests that you enter a password.
Privilege levels are not assigned to passwords, rather passwords are assigned to a privilege level. You can
always change a password for any privilege level. To change to a different privilege level, enter the enable
command, then the privilege level. If you do not enter a privilege level, the default level 15 is assumed.
To configure a password for a specific privilege level, use the following command.
•
Configure a password for a privilege level.
CONFIGURATION mode
enable password [level level] [encryption-mode] password
Configure the optional and required parameters:
•
level level: Specify a level from 0 to 15. Level 15 includes all levels.
•
encryption-type: Enter 0 for plain text or 7 for encrypted text.
•
password: Enter a string.
To change only the password for the enable command, configure only the password parameter.
To view the configuration for the enable secret command, use the show running-config command in
EXEC Privilege mode.
In custom-configured privilege levels, the enable command is always available. No matter what privilege
level you use on the system, you can enter the enable 15 command to access and configure all CLIs.
Obscuring Passwords and Keys
By default, the service password-encryption command stores encrypted passwords. For greater
security, you can also use the service obscure-passwords command to prevent a user from reading the
passwords and keys, including RADIUS, TACACS+ keys, router authentication strings, VRRP authentication by
obscuring this information. Passwords and keys are stored encrypted in the configuration file and by default
are displayed in the encrypted form when the configuration is displayed. Enabling the service obscure-
passwords command displays asterisks instead of the encrypted passwords and keys. This command
prevents a user from reading these passwords and keys by obscuring this information with asterisks.
Password obscuring masks the password and keys for display only but does not change the contents of the
file. The string of asterisks is the same length as the encrypted string for that line of configuration. To verify
that you have successfully obscured passwords and keys, use the show running-config command or
show startup-config command.
If you are using role-based access control (RBAC), only the system administrator and security administrator
roles can enable the service obscure-password command.
To enable the obscuring of passwords and keys, use the following command.
•
Turn on the obscuring of passwords and keys in the configuration.
CONFIGURATION mode
service obscure-passwords
Security
988
Advertisement
Table of Contents
Troubleshooting
