Giuseppe Larosa Fri, 06/04/2010 - 04:46
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Egeorgopolus,


do


sh run | inc username


if you find a line like

username root


you just need to deny it with


conf t

! report the whole line here with no in front

no username root


Hope to help

Giuseppe

egeorgopoulos Fri, 06/04/2010 - 05:52
User Badges:

Actually there is no root username, so this username cannot be disabled. Any other clu
es?


Thank you.

hobbe Fri, 06/04/2010 - 06:18
User Badges:
  • Gold, 750 points or more

Do you have any AAA statements to a tacacs or radius server that could contain the user root ?


How do you know that root is logging in ?


If there for some reason now is a user root who loggs in at the router without password

First, have you tried to login with root ?

Second, why not create the user root with an very complex password ?

would that keep them out ? atleast until you can figure out whats going on ?



HTH

egeorgopoulos Fri, 06/04/2010 - 06:35
User Badges:

Yes, I tried with root user and it can log in without entering any password. The AAA is enabled, so for the time being I modified the root user to enter the system with a password.


The odd thing is that there wasn't any username 'root' in the configuration before. At least now, this user is forced to enter a password.


Thank you.

hobbe Fri, 06/04/2010 - 07:21
User Badges:
  • Gold, 750 points or more

If you are using AAA you can use a user database outside the router. (radius/tacacs+)


If the AAA is enabled and you are using it, the root user gets his/her credentials from the AAA server.

So if the AAA server is a linux/unix style box, (most likely since windows does not use root) then most likely there is a problem with the root user at that machine, ie that root user does not have a password. (wich can be quite bad)


a local user database would have shown the username root in the config


(to check local database just do :  "sh ru | include root"  the | is the pipe sign.)




HTH

Actions

This Discussion