If you want to give only read only access to the entire active config, then
perhaps you can use views. It doesnt need an external server and will surely
meet your requirements,
________________________________
From: Imran Ali
<immrccie_at_gmail.com>
To: Cisco certification <ccielab_at_groupstudy.com>
Sent:
Saturday, February 16, 2013 10:27 AM
Subject: read only access and need to
protect all sensitive passwords
Hi all,
i need to give read only access
of my routers to an audit team .
i have no issue setting up a radius
server to throug a exec level 7
.... which i customised on the router
to allow only show
Privelege exec all level 7 show . i found that
he cant view
routing config using " regular show run '' but with can view
last saved
config with show sartup-config.
the issue is my radius server
and their is no option to specify
type 5 md5 strong password .
i am
ending up with showing my Radius key ..... as type 7 can be
easily de
crepted .
......i also tried service password encryption..but it is
again
using type 7 ...
Any chance of saving from over shoulder readng
attack ?
Blogs and organic groups at http://www.ccie.net
Received on Fri Feb 15 2013 - 21:35:53 ART
This archive was generated by hypermail 2.2.0 : Fri Mar 01 2013 - 07:57:58 ART