|
Home > Archive > alt.certification.cisco > March 2004 > Is the LOGIN keyword required?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Is the LOGIN keyword required?
|
|
| Mike Adams 2004-03-23, 10:25 am |
| When configuring passwords on lines, do you need to specify the LOGIN
keyword or not? I'm trying to find a definitive answer, but at the moment
its about 50 - 50 on whether its needed or not.
Ideally I'm looking for the "Cisco" answer. Its not mentioned in the latest
version of BSCI, so I guess that could be the best I'll get.
M.
| |
| Ivan Ostres 2004-03-23, 10:25 am |
| In article <BC85FC04.D01%mikeadams@dsl.pipex.com>,
mikeadams@dsl.pipex.com says...
> When configuring passwords on lines, do you need to specify the LOGIN
> keyword or not? I'm trying to find a definitive answer, but at the moment
> its about 50 - 50 on whether its needed or not.
>
>
>
If you don't specify login statemen (just password) under "line" you
will not be able to log in.
--
Ivan
| |
| Fausto 2004-03-23, 5:25 pm |
| Sorry Ivan but that's not a true assumption ,in fact most common IOS
releases don't need the keyword I think this a must have command when you
have aaa new-model can anyone elaborate a bit more on this ?
"Ivan Ostres" <john@fly.srk.fer.hr> wrote in message
news:c3pian$29gdo8$2@ID-61273.news.uni-berlin.de...
> In article <BC85FC04.D01%mikeadams@dsl.pipex.com>,
> mikeadams@dsl.pipex.com says...
moment[color=blue]
>
> If you don't specify login statemen (just password) under "line" you
> will not be able to log in.
>
> --
> Ivan
| |
| smrkdown 2004-03-23, 6:01 pm |
| When I start with a new config file on my 2500 series routers and set a password on the vty lines, "login" automatically shows up in the running-config. If I then issue no login on the lines, users can connect via telnet with no password and you don't receive the "password required but none set" error. I don't think it's a requirement but I believe it's probably a "best practice" and Cisco seems to think it's important. | |
| Old Garb 2004-03-23, 10:25 pm |
|
"Mike Adams" <mikeadams@dsl.pipex.com> wrote in message =
news:BC85FC04.D01%mikeadams@dsl.pipex.com...
> When configuring passwords on lines, do you need to specify the LOGIN
> keyword or not? I'm trying to find a definitive answer, but at the =
moment
> its about 50 - 50 on whether its needed or not.
>=20
> Ideally I'm looking for the "Cisco" answer. Its not mentioned in the =
latest
> version of BSCI, so I guess that could be the best I'll get.
>=20
>=20
> M.
I've seen references where the LOGIN command should appear before the =
PASSWORD keyword and other references where LOGIN needs to come AFTER =
the PASSWORD keyword.
One will tend to lock you out.
Which way does it go?
| |
| Ivan Ostres 2004-03-24, 5:25 am |
| In article <4060a2ca$0$1851$a729d347@news.telepac.pt>,
foliveira@agamenon.pointclark.net says...
> Sorry Ivan but that's not a true assumption ,in fact most common IOS
> releases don't need the keyword I think this a must have command when you
> have aaa new-model can anyone elaborate a bit more on this ?
>
>
I went ahead and looked at cisco.com.
So,
http://www.cisco.com/en/US/products...oducts_command_
reference_chapter09186a00801a7
f06.html#wp998262
states that
"To enable password checking at login, use the login command in line
configuration mode. To disable password checking and allow connections
without a password, use the no form of this command."
That means that I was half-wrong. You will be able to login without it,
but you will not be asked for password.
--
Ivan
| |
| Hansang Bae 2004-03-25, 1:24 am |
| In article <pq68c.67813$J05.535732@attbi_s01>, oss@comcast.net says...
> I've seen references where the LOGIN command should appear before
> the PASSWORD keyword and other references where LOGIN needs to come
> AFTER the PASSWORD keyword.
> One will tend to lock you out.
> Which way does it go?
The order doesn't matter much. But if out of the box, IOS will not let
you telnet to a router if you don't have a password set.
--
hsb
"Somehow I imagined this experience would be more rewarding" Calvin
*************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
******************************
******************************
********
Due to the volume of email that I receive, I may not not be able to
reply to emails sent to my account. Please post a followup instead.
******************************
******************************
********
|
|
|
|
|