R3102-R3103-HP 6600/HSR6600 Routers Fundamentals Configuration Guide
18
Ste
p
Command
Remarks
3. Configure the password for
the user privilege level.
super password [ level
user-level ] [ hash ] { cipher
| simple } password
If local authentication is involved, this step
is required.
By default, a privilege level has no
password.
If no user privilege level is specified when
you configure the command, the user
privilege level defaults to 3.
If you specify the simple keyword for the
command, the password is saved in plain
text in the configuration file. If you specify
the cipher keyword, the password is saved
in cipher text. For security, specify the
cipher keyword for the command.
If local-only authentication is used, a console user interface user can switch to a higher privilege level,
even if the privilege level has not been assigned a password. Console user interface users include users
logged in through the console port and users logged in through the AUX port used as the console port.
Switching to a higher user privilege level
Before you switch to a higher user privilege level, obtain the required authentication data as described
in Table 8.
W
hen the user privilege level switching authentication mode is scheme and the authentication method is
local (the authentication login local command is configured), a user who fails to provide the correct
password during 5 consecutive attempts must wait 15 minutes before trying again. Trying again before
the 15-minute period elapses restores the wait timer to 15 minutes and restarts the timer.
To switch the user privilege level, perform the following task in user view:
Task Command
Remarks
Switch the user privilege level. super [ level ]
When logging in to the device, a
user has a user privilege level,
which depends on user interface or
authentication user level.
Table 8 Information required for user privilege level switching
User interface
authentication
mode
User privilege
level switching
authentication
mode
Information required for the
first authentication mode
Information required for the
second authentication mode
none/password
local
Password configured for the
privilege level on the device with
the super password command.
N/A
local scheme
Password configured for the
privilege level on the device with
the super password command.
Username and password
configured on the AAA server for
the privilege level.
scheme
Username and password for the
privilege level.
N/A