Users Guide

ManualsBrandsDell ManualsAccess PlatformsC9000 Series Line Cards

911

912

913

914

915

916

917

918

919

920

– level level: Specify a level from 0 to 15. Level 15 includes all levels.

– encryption-type: Enter 0 for plain text or 7 for encrypted text.

– password: Enter a string.

To change only the password for the enable command, configure only the password parameter.

To view the configuration for the enable secret command, use the show running-config

command in EXEC Privilege mode.

In custom-configured privilege levels, the enable command is always available. No matter what privilege

level you use on the system, you can enter the

enable 15 command to access and configure all CLIs.

Obscuring Passwords and Keys

By default, the service password-encryption command stores encrypted passwords. For greater

security, you can also use the

service obscure-passwords command to prevent a user from reading

the passwords and keys, including RADIUS, TACACS+ keys, router authentication strings, VRRP

authentication by obscuring this information. Passwords and keys are stored encrypted in the

configuration file and by default are displayed in the encrypted form when the configuration is displayed.

Enabling the service obscure-passwords command displays asterisks instead of the encrypted

passwords and keys. This command prevents a user from reading these passwords and keys by obscuring

this information with asterisks.

Password obscuring masks the password and keys for display only but does not change the contents of

the file. The string of asterisks is the same length as the encrypted string for that line of configuration. To

verify that you have successfully obscured passwords and keys, use the show running-config

command or show startup-config command.

If you are using role-based access control (RBAC), only the system administrator and security

administrator roles can enable the service obscure-password command.

To enable the obscuring of passwords and keys, use the following command.

• Turn on the obscuring of passwords and keys in the configuration.

CONFIGURATION mode

service obscure-passwords

Example of Obscuring Password and Keys

Dell(config)# service obscure-passwords

Configuring Custom Privilege Levels

In addition to assigning privilege levels to the user, you can configure the privilege levels of commands so

that they are visible in different privilege levels.

Within the Dell Networking OS, commands have certain privilege levels. With the privilege command,

you can change the default level or you can reset their privilege level back to the default.

• Assign the launch keyword (for example, configure) for the keyword’s command mode.

• If you assign only the first keyword to the privilege level, all commands beginning with that keyword

are also assigned to the privilege level. If you enter the entire command, the software assigns the

privilege level to that command only.

Security

917