I suggest that you setup password level between 2 and 14 and define them.
For example just let the user use only "show tech-support " which will hide
all config that is deemed secure. Just try the command and see.
In fact CISCO engineers suggest that you use 8 or more characters and
include underscore in your secret. This cannot be cracked easily with
software such as Loft etc.
Hope this helps.
Avran
===================================
"Hans Stout" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello colleagues,
>
> do you know if there is a way to make the line 'enable secret 5
> $1$vwIl$YEZxTVGPapUUVCD.c54Ya' invisible when doing a 'sh run' in user
mode
> ? The problem is that I want to allow RO access and also allow to execute
> the 'sh run' command, but that with a password decryptor, one could eaily
> decrypt the enable password.
> Thanks for your help in advance.
>
> Regards,
>
> Hans
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
