Re: how to enable "show run" but not see enable password

I want to restrict the person to do all show commands but NOT be able to
make any chances or do any configurations.

We already have enable secret but the concern is that the encryption is
very easy to decipher. Plenty of cracks available on the net.

TIA

On Wed, Feb 8, 2012 at 4:02 PM, Haroon <itguy.pro_at_gmail.com> wrote:

> why do you need to hide password from someone who is already in the
> system?
>
> On Wed, Feb 8, 2012 at 4:00 PM, <ohio38jr_at_gmail.com> wrote:
>
>> How about enable secret instead of enable password then? You can set
>> level privileges but once you are able to 'show run' you will somewhat see
>> everything.
>>
>> Goodluck,
>> I
>> Sent from my BlackBerry. wireless device
>>
>>
>> -----Original Message-----
>> From: Jersey Guy <guy.jersey_at_gmail.com>
>> Sender: nobody_at_groupstudy.com
>> Date: Wed, 8 Feb 2012 15:44:10
>> To: Cisco certification<ccielab_at_groupstudy.com>
>> Reply-To: Jersey Guy <guy.jersey_at_gmail.com>
>> Subject: how to enable "show run" but not see enable password
>>
>> Hello Folks,
>> Just wondering if there's any way to tweak privilege levels on a Cisco box
>> such that a user can see the full config by doing a "show run" but NOT see
>> the enable password. Even though the enable password is encrypted, it is
>> very easy to crack, hence the query...
>>
>> TIA
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Feb 08 2012 - 16:13:55 ART