6-10
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-03
Chapter 6 Configuring the System
Changing the Password
• It reads the configuration file that corresponds to its host name; for example, it reads switch1-confg
from the TFTP server.
Switches 2 through 4 retrieve their configuration files and IP addresses in the same way.
Changing the Password
You can assign the password of your switch in these ways:
• Using the setup program, as described in the release notes
• Manually assigning a password, as described in this section
Note YoucanchangeapasswordonlybyusingtheCLI.Yourconnectionwiththeswitchendswhenyou
change the enable secret password. You will then need to reopen the session with the new password. If
you have forgotten your password, see the “Recovering from a Lost or Forgotten Password” section on
page 14-9.
Because many privileged EXEC commands are used to set operating parameters, you should
password-protect these commands to prevent unauthorized use. Catalyst 2950 switches have two
commands for setting passwords:
• enable secret password (a very secure, encrypted password)
• enable password password (a less secure, unencrypted password)
You must enter one of these passwords to gain access to privileged EXEC mode. We recommend that
you use the enable secret password.
Note When set, the enable secret password takes precedence, and the enable password serves no purpose.
If you enter the enable secret command, the text is encrypted before it is written to the config.text file,
and it is unreadable. If you enter the enable password command, the text is written as entered to the
config.text file where you can read it.
You can also specify up to 15 privilege levels and define passwords for them by using the enable
password [level level]{password}ortheenable secret [level level]{password} command. Level 1 is
EXEC-mode user privileges. If you do not specify a level, the privilege level defaults to 15 (privileged
EXEC-mode privileges).
Youcanspecifyalevel,setapassword,andgivethepasswordonlytouserswhoneedtohaveaccessat
this level. Use the privilege level global configuration command to specify commands accessible at
various levels.
Note You need an enable secret password with a privilege level 15 to access CMS. You must also use this
password if you configure the Terminal Access Controller Access Control System Plus (TACACS+)
protocol from the CLI so that all your HTTP connections are authenticated through the TACACS+ server.
The Telnet password must be an enable secret password.
For information about managing passwords in switch clusters, see the “Passwords” sectiononpage5-14.
To Next Page
Loading...
Need help?
General
