Dana 20/7/2007, "ashish verma" <[EMAIL PROTECTED]> piše:
av> I dont want the user to go directly in priv mode.
av> through priv level = 15 we direclty get into priv level right.
av> what i am looking for is first the user get into user level and
av> then with
av> another
av> password in level 2.
On Fri 20 Jul 2007, ashish verma wrote:
> Hi Ivan,
>
> What i meant is you type "enable" but the password you give should be
> authenticated by RADIUS server not the "enable password stored on the
> device".
> I am not sure whether it is possible or not. But just wanted to know from
> the experts.
Hi,
> You want a shell user to get to privilege mode without typing
> "enable"and knowing enable password? I am quite certain that Cisco
> spent many years making sure that's impossible. If you find a way to do
> that you can blackmail them for a hell of a lot of money.
err, TACACS+ with priv_lvl
Hi ashish,
First of all, WHY you will need such a setup?
Afaik, cisco will send a request to radius for user '$enable15$' whenever someone tries to "enable".
Run freeradius in debug mode (radiusd -X) and then login as one of your users. Type "enable" and the c
You want a shell user to get to privilege mode without typing
"enable"and knowing enable password? I am quite certain that Cisco
spent many years making sure that's impossible. If you find a way to do
that you can blackmail them for a hell of a lot of money.
Ivan Kalik
Kalik Informatika ISP
Dana
5 matches
Mail list logo
