Using a single shared password is not the most secure way to control authentication. Giving each individual a username and password is easier to track. This lab will discuss and demonstrate local user authentication.
Commonly with Cisco devices, multiple users will be accessing and configuring the device, thus requires different user credentials for individuals with different levels of access required to perform different management duties relating to the Cisco device.
This lab will discuss and demonstrate the configurational requirements for setting up local user accounts.
Step 1. As required per the first object, create a user account with the username of tom and password of Cisco$123 and grant this user level 15 privileges.
Router con0 is now available Press RETURN to get started. Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#username tom privilege 15 secret Cisco$123
Step 2. – Create a user account with the username of Sally and password of LetMeSee! and grant this user level 1 privileges.
Router(config)#username sally privilege 1 secret LetMeSee!
Step 3. – Configure the VTY lines 0 through 4 to authenticate incoming exec sessions to the local user database. This is done by executing the login local under line configuration mode.
Router(config)#line vty 0 4 Router(config-line)#login local
Step 4. – Verify your configuration by using reverse telnet via the Loopback0 interface. You should receive a username and password prompt and upon a successful authentication based on the credentials provided you should be granted an exec shell session in user mode if using the username sally or privileged mode if using the username tom as shown below;
Routerconfig-line)#end Router#telnet 10.1.1.1 Trying 10.1.1.1 ... Open User Access Verification Username: tom Password: Router#