API Guide
OS10(config)# enable password 0 4newhire4 priv-lvl 5
%Error: Password it does not contain enough DIFFERENT characters.
OS10(config)# service simple-password
OS10(config)# username admin2 password 4newhire4 role sysadmin
OS10(config)# enable password 0 4newhire4 priv-lvl 5
Re-enable strong password check
OS10(config)# no service simple-password
Obscure passwords
To obscure passwords in show command output so that text characters do not display, use the service obscure-
password command. The command obscures the passwords configured for user names, NTP, BGP, SNMP, RADIUS servers,
and TACACS+ servers. To disable the obscure passwords function, use the no service obscure-password command.
● Enter the command in CONFIGURATION mode.
service obscure-password
Obscure OS10 passwords
OS10(config)# service obscure-password
OS10(config)# show running-configuration users
username admin password **** role sysadmin priv-lvl 15
username test1 password **** role sysadmin priv-lvl 15
OS10(config)# show running-configuration radius-server
radius-server host 10.2.2.2 key 9 ****
OS10(config)# show running-configuration tacacs-server
tacacs-server host 10.1.1.1 auth-port 7777 key 9 ****
Disable obscure passwords
OS10(config)# no service obscure-password
OS10(config)# show running-configuration users
username admin password $6$q9QBeYjZ$jfxzVqGhkxX3smxJSH9DDz7/3OJc6m5wjF8nnLD7/
VKx8SloIhp4NoGZs0I/UNwh8WVuxwfd9q4pWIgNs5BKH role sysadmin priv-lvl 15
username test1 password $6$rounds=656000$50vutEWA9w3ImvF.
$2pSDnaINYTKCQ6WAlJqeabiFQNRvUgui3.
6vR2e.L/D7DBwnV0QtY.KtOBTZAIDDT5.AFWxQHVgs2/V3jC3yG1 role sysadmin priv-lvl 15
OS10(config)# show running-configuration radius-server
radius-server host 10.2.2.2 key 9
3c0e479bd43bb5baf4ebb16e1317a845f01f832e25a03836c70bd26b9754d6a0
OS10(config)# show running-configuration tacacs-server
tacacs-server host 10.1.1.1 auth-port 7777 key 9
27ca79bf3cbf351708c8d19caf50815661dcd0638719a06c865e88090d03558b
Privilege levels
Controlling terminal access to a switch is one method of securing the device and network. To increase security, you can limit
user access to a subset of commands using privilege levels.
Configure privilege levels, add commands to them, and restrict access to the command line with passwords. The system
supports 16 privilege levels:
● Level 0—Provides users the least privilege, restricting access to basic commands.
● Level 1—Provides access to a set of show commands and certain operations such as ping, traceroute, and so on.
● Level 15—Provides access to all available commands for a particular user role.
● Levels 0, 1, and 15—System configured privilege levels with a predefined command set.
Security
1015