Credential management for Cisco IOS Router

  • For non AAA user account password
    • conf t
    • no aaa new-model
    • For type 0
      • line console 0
    • For type 1
      • line aux 0
    • login
    • password
    • exit
  • For AAA user account password
    • "conf t"
    • "aaa new-model"
    • "no username <oldUser>"
    • "username <username> privilege <userLevel> password <password>"
    • "username <username> password <password>"
    • "exit
  • For Privilege password
    • Check for RADIUS or TACAS
    • "conf t"
    • "sh run"
    • "no enable secret level"
    • "no enable password level"
    • "enable secret level < level> <newPrivPass>"
    • "enable password level <level> <newPrivPass>"
    • "exit"
  • SNMP (v1v2)
    • term length 0"
    • show run | include community"
    • "show run"
    • "conf t"
    • "snmp-server community <newSnmpCommunity> <view> <type> acl"
    • "no snmp-server community <oldSnmpCommunity>"
    • "exit"
  • SNMP v3
    • "conf t"
    • “term length 0
    • “snmp-server user”
    • "show snmp user"
    • “show snmp group”
    • "no snmp-server engineID local "
    • “snmp-server engineID local”
    • “snmp-server context <context name>”
    • “snmp-server view <view name>”
    • “snmp-server group <group name>”
    • "snmp-server user <user name> <group name> v3 encrypted auth (md5|sha) <password> (priv des|des56|aes 128|aes 192|aes 192) <password>”
    • "no snmp-server user <user name> <group name> v3”