In this post, I'll show you a nice command combo for labbing. The no login and privilege level 15 command combo effectively allows you to Telnet straight into privileged EXEC mode without requiring a password on a remote device. With this method, you can skip typing the username/password or line password, and switching from user EXEC mode to privileged EXEC mode. This is great for labbing when you're a lazy typer like me. Note: These should not be used in production!
The login command enables password checking at login. By default, virtual terminals require a password. If a password is not set, the virtual terminal responds to attempted connections by displaying an error message and closing the connection. Example:
SW2#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
Password required, but none set
[Connection to 10.1.1.1 closed by foreign host]
The no login command disables password checking and allows connections without a password.
SW1(config)#line vty 0 4
SW1(config-line)#no login
The Telnet connection is now successful.
SW2#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
SW1>
However, the user will not be able to go from user EXEC mode to privileged EXEC mode because the enable password is not set.
SW1>enable
% No password set
SW1>
The privilege level command sets the default privilege level for a line. Level 15 is the level of access permitted by enable password. With the no login and privilege level command, the user can Telnet straight into privileged EXEC mode without requiring a password.
SW1(config)#line vty 0 4
SW1(config-line)#no login
SW1(config-line)#privilege level 15
The Telnet session is now open in privileged EXEC mode (as noted by the # sign at the prompt).
SW2#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
SW1#
Cisco documentation: no login and privilege level
The login command enables password checking at login. By default, virtual terminals require a password. If a password is not set, the virtual terminal responds to attempted connections by displaying an error message and closing the connection. Example:
SW2#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
Password required, but none set
[Connection to 10.1.1.1 closed by foreign host]
The no login command disables password checking and allows connections without a password.
SW1(config)#line vty 0 4
SW1(config-line)#no login
The Telnet connection is now successful.
SW2#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
SW1>
However, the user will not be able to go from user EXEC mode to privileged EXEC mode because the enable password is not set.
SW1>enable
% No password set
SW1>
The privilege level command sets the default privilege level for a line. Level 15 is the level of access permitted by enable password. With the no login and privilege level command, the user can Telnet straight into privileged EXEC mode without requiring a password.
SW1(config)#line vty 0 4
SW1(config-line)#no login
SW1(config-line)#privilege level 15
The Telnet session is now open in privileged EXEC mode (as noted by the # sign at the prompt).
SW2#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
SW1#
Cisco documentation: no login and privilege level
Comments
Post a Comment