Configuring Username and Password Security

Overview

Level

Actions Permitted

Manager:

Access to all console interface areas.

 

This is the default level. That is, if a Manager password has not been set prior

 

to starting the current console session, then anyone having access to the

 

console can access any area of the console interface.

Operator:

Access to the Status and Counters menu, the Event Log, and the CLI*, but no

 

Configuration capabilities.

 

On the Operator level, the configuration menus, Download OS, and Reboot

 

Switch options in the Main Menu are not available.

*Allows use of the ping, link-test, show, menu, exit, and logout commands, plus the enable command if you can provide the Manager password.

To configure password security:

1.Set a Manager password pair (and an Operator password pair, if applicable for your system).

2.Exit from the current console session. A Manager password pair will now be needed for full access to the console.

If you do steps 1 and 2, above, then the next time a console session is started for either the menu interface or the CLI, a prompt appears for a password. Assuming you have protected both the Manager and Operator levels, the level of access to the console interface will be determined by which password is entered in response to the prompt.

If you set a Manager password, you may also want to configure an inactivity timer. This causes the console session to end after the specified period of inactivity, thus giving you added security against unauthorized console access. You can use either of the following to set the inactivity timer:

Menu Interface: System Information screen (Select “2. Switch Configu- ration.)

CLI: Use the console inactivity-timer < 0 1 5 10 15 20 30 60 120 >

2-4