Thanks for the suggestion, guys. Appreciate it very much.
On Wed, Feb 8, 2012 at 4:14 PM, Tom Kacprzynski <tom.kac_at_gmail.com> wrote:
> You can use Role Bases CLI by creating a 'parser view' and excluding the
> enable command from that view. That should work.
>
>
> Tom Kacprzynski
>
>
> On Wed, Feb 8, 2012 at 3:00 PM, <ohio38jr_at_gmail.com> wrote:
>
>> How about enable secret instead of enable password then? You can set
>> level privileges but once you are able to 'show run' you will somewhat see
>> everything.
>>
>> Goodluck,
>> I
>> Sent from my BlackBerry. wireless device
>>
>>
>> -----Original Message-----
>> From: Jersey Guy <guy.jersey_at_gmail.com>
>> Sender: nobody_at_groupstudy.com
>> Date: Wed, 8 Feb 2012 15:44:10
>> To: Cisco certification<ccielab_at_groupstudy.com>
>> Reply-To: Jersey Guy <guy.jersey_at_gmail.com>
>> Subject: how to enable "show run" but not see enable password
>>
>> Hello Folks,
>> Just wondering if there's any way to tweak privilege levels on a Cisco box
>> such that a user can see the full config by doing a "show run" but NOT see
>> the enable password. Even though the enable password is encrypted, it is
>> very easy to crack, hence the query...
>>
>> TIA
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Wed Feb 08 2012 - 16:17:27 ART
This archive was generated by hypermail 2.2.0 : Thu Mar 01 2012 - 11:46:56 ART