1-26
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring AAA Servers and the Local Database
Configuring AAA
Command
Purpose
Step 1
username
username
{
nopassword
|
password
password
[
mschap
]} [
privilege
priv_level
]
Example:
hostname(config)# username exampleuser1 privilege
1
Creates the user account. The
username
username
keyword is a string from 4 to 64 characters long.
The
password
password
keyword is a string from 3 to 32
characters long. The
mschap
keyword specifies that the
password is converted to Unicode and hashed using
MD4 after you enter it. Use this keyword if users are
authenticated using MS-CHAPv1 or MS-CHAPv2. The
privilege
level
argument sets the privilege level, which
ranges from 0 to 15. The default is 2. This privilege level
is used with command authorization.
Caution
If you do not use command authorization (the
aaa authorization console LOCAL
command), then the default level 2 allows
management access to privileged EXEC
mode. If you want to limit access to privileged
EXEC mode, either set the privilege level to 0
or 1, or use the
service-type
command (see
The
nopassword
keyword creates a user account with no
password.
The
encrypted
and
nt-encrypted
keywords are
typically for display only. When you define a password
in the
username
command, the ASA encrypts it when it
saves it to the configuration for security purposes. When
you enter the
show running-config
command, the
username
command does not show the actual password;
it shows the encrypted password followed by the
encrypted
or
nt-encrypted
keyword (when you specify
mschap
). For example, if you enter the password “test,”
the
show running-config
output would appear as
something similar to the following:
username user1 password DLaUiAX3l78qgoB5c7iVNw==
nt-encrypted
The only time you would actually enter the
encrypted
or
nt-encrypted
keyword at the CLI is if you are cutting
and pasting a configuration file for use in another ASA,
and you are using the same password.
Summary of Contents for 5505 - ASA Firewall Edition Bundle
Page 28: ...Glossary GL 24 Cisco ASA Series CLI Configuration Guide ...
Page 61: ...P A R T 1 Getting Started with the ASA ...
Page 62: ......
Page 219: ...P A R T 2 Configuring High Availability and Scalability ...
Page 220: ......
Page 403: ...P A R T 2 Configuring Interfaces ...
Page 404: ......
Page 499: ...P A R T 2 Configuring Basic Settings ...
Page 500: ......
Page 533: ...P A R T 2 Configuring Objects and Access Lists ...
Page 534: ......
Page 601: ...P A R T 2 Configuring IP Routing ...
Page 602: ......
Page 745: ...P A R T 2 Configuring Network Address Translation ...
Page 746: ......
Page 845: ...P A R T 2 Configuring AAA Servers and the Local Database ...
Page 846: ......
Page 981: ...P A R T 2 Configuring Access Control ...
Page 982: ......
Page 1061: ...P A R T 2 Configuring Service Policies Using the Modular Policy Framework ...
Page 1062: ......
Page 1093: ...P A R T 2 Configuring Application Inspection ...
Page 1094: ......
Page 1191: ...P A R T 2 Configuring Unified Communications ...
Page 1192: ......
Page 1333: ...P A R T 2 Configuring Connection Settings and QoS ...
Page 1334: ......
Page 1379: ...P A R T 2 Configuring Advanced Network Protection ...
Page 1380: ......
Page 1475: ...P A R T 2 Configuring Modules ...
Page 1476: ......
Page 1549: ...P A R T 2 Configuring VPN ...
Page 1550: ......
Page 1965: ...P A R T 2 Configuring Logging SNMP and Smart Call Home ...
Page 1966: ......
Page 2059: ...P A R T 2 System Administration ...
Page 2060: ......
Page 2098: ...1 8 Cisco ASA Series CLI Configuration Guide Chapter 1 Troubleshooting Viewing the Coredump ...
Page 2099: ...P A R T 2 Reference ...
Page 2100: ......