Different types of logins to cisco devices

Answered Question
Feb 7th, 2007

Hi,

Can someone tell me the what the different priv levels are to for logins and what each one allows you to do?

ie. priv 0-15

thanks

B

I have this problem too.
0 votes

B

By default, there are three privilege levels on the router.

privilege level 1 = non-privileged (prompt is router>), the default level for logging in

privilege level 15 = privileged (prompt is router#), the level after going into enable mode

privilege level 0 = seldom used, but includes 5 commands: disable, enable, exit, help, and logout

Levels 2-14 are not used in a default configuration, but commands that are normally at level 15 can be moved down to one of those levels and commands that are normally at level 1 can be moved up to one of those levels. Obviously, this security model involves some administration on the router.

To determine the privilege level as a logged-in user, type the show privilege command. To determine what commands are available at a particular privilege level for the version of Cisco IOS? software that you are using, type a ? at the command line when logged in at that privilege level.

You can also customize what privilege levels allow

See:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftprienh.htm

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
spremkumar Wed, 02/07/2007 - 03:29

Hi Brad

Normally you define different privilege levels under which you allow selective commands to be executed.

you can define different levels under which you permit different subsets of commands which could be executed when logged in with the credentials related to that particular privilege level..

Normally when user logins without any privilege level he will be logging onto level 1 once he gives enable secret/password he gets into level 15 which is otherwise called as super user mode.

Under level 15 you can execute all the commands supported by the ios code installed in the box.

you can also refer this link for more info on privilege levels..

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00803f3bb7.html

regds

Correct Answer

B

By default, there are three privilege levels on the router.

privilege level 1 = non-privileged (prompt is router>), the default level for logging in

privilege level 15 = privileged (prompt is router#), the level after going into enable mode

privilege level 0 = seldom used, but includes 5 commands: disable, enable, exit, help, and logout

Levels 2-14 are not used in a default configuration, but commands that are normally at level 15 can be moved down to one of those levels and commands that are normally at level 1 can be moved up to one of those levels. Obviously, this security model involves some administration on the router.

To determine the privilege level as a logged-in user, type the show privilege command. To determine what commands are available at a particular privilege level for the version of Cisco IOS? software that you are using, type a ? at the command line when logged in at that privilege level.

You can also customize what privilege levels allow

See:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftprienh.htm

Actions

This Discussion