Security
7450 ESS System Mangement Guide Page 143
Password Commands
admin-password
Syntax admin-password password [hash | hash2]
no admin-password
Context config>system>security>password
Description This command allows a user (with admin permissions) to configure a password which enables a user
to become an administrator.
This password is valid only for one session. When enabled, no authorization to TACACS+ or
RADIUS is performed and the user is locally regarded as an admin user.
This functionality can be enabled in two contexts:
config>system>security>password>admin-password
<global> enable-admin
NOTE: See the description for the enable-admin on the next page. If the admin-password is config-
ured in the config>system>security>password context, then any user can enter the special mode by
entering the enable-admin command.
enable-admin is in the default profile. By default, all users are given access to this command.
Once the enable-admin command is entered, the user is prompted for a password. If the password
matches, user is given unrestricted access to all the commands.
The minimum length of the password is determined by the minimum-length command. The com-
plexity requirements for the password is determined by the complexity command.
NOTE: The password argument of this command is not sent to the servers. This is consistent with
other commands which configure secrets.
Also note that usernames and passwords in the FTP and TFTP URLs will not be sent to the authoriza-
tion or accounting servers when the file>copy source-url dest-url command is executed.
For example:
file copy ftp://test:secret@131.12.31.79/test/srcfile cf1:\destfile
In this example, the username 'test' and password 'secret' will not be sent to the AAA servers (or to
any logs). They will be replaced with '****'.
The no form of the command removes the admin password from the configuration.
Default no admin-password
Parameters password — Configures the password which enables a user to become a system administrator. The
maximum length can be up to 20 characters if unhashed, 32 characters if hashed, 54 characters if
the hash2 keyword is specified.
hash — Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key
is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted
To Next Page
Loading...
