2-12
Configuring Username and Password Security
Saving Security Credentials in a Config File
Local Manager and Operator Passwords
The information saved to the running-config file when the include-credentials
command is entered includes:
password manager [user-name <name>] <hash-type> <pass-hash>
password operator [user-name <name>] <hash-type> <pass-hash>
where
<name> is an alphanumeric string for the user name assigned to the
manager or operator.
<hash-type> indicates the type of hash algorithm used: SHA-1 or plain
text.
<pass-hash> is the SHA-1 authentication protocol’s hash of the pass-
word or clear ASCII text.
For example, a manager username and password may be stored in a running-
config file as follows:
Use the write memory command to save the password configurations in the
startup-config file. The passwords take effect when the switch boots with the
software version associated with that configuration.
Caution If a startup configuration file includes other security credentials, but does not
contain a manager or operator password, the switch will not have password
protection and can be accessed through Telnet, the serial port, or web
interface with full manager privileges.
Password Command Options
The password command has the following options:
password manager user-name George SHA1
2fd4e1c67a2d28fced849ee1bb76e7391b93eb12
Syntax: [no] password <manager | operator | port-access> [user-name <name>]
<hash-type> <password>
Set or clear a local username/password for a given access level.
manager: configures access to the switch with manager-level
privileges.
operator: configures access to the switch with operator-level
privileges.
port-access: configures access to the switch through 802.1X
authentication with operator-level privileges.
