Cisco Support Community
Community Member

per user priv exec password

Hi all,

i know you can create a pacific

user ie:

uername ( username) password ( password)

is there away to see a pacific priv exec password for that user?

ie enable secret ( password) but for the pacific user? 

VIP Super Bronze

Re: per user priv exec password


There is no option to specify a user name after enable secret:

have a look:

Switch(config)#enable secret cisco ?


Switch(config)#enable secret cisco


Re: per user priv exec password

Sorry I don't have more info, but some versions will allow specifying a privilege level per user.  I believe TACACS will also enable even more granular control over which commands each user can access. Not sure if that helps.

Community Member

Re: per user priv exec password

thanks guys, yea i thought the only way was to set the username and password to the device just checking.

as i have a customer who wants a username and password plus when the user logs in they are asked for an exec password, but as it is only a globaly configured command i will not be able ot do it.

Hall of Fame Super Gold

per user priv exec password


As far as I know the closest that you can come to having a unique password per user for access to privilege mode is to use something like TACACS to authenticate to privilege mode. With user IDs configured in TACACS you can specify what users do get access to privilege mode and what users do not get access to privilege mode. And when a user attempts to get into privilege mode the request is sent to TACACS for authentication and the user must use their own password (which is unique) rather than using a shared enable secret password.



Re: per user priv exec password

Hall of Fame Super Blue

per user priv exec password

try this:

I believe this is free.

per user priv exec password

You can use a TACACS or a RADIUS server as described above to set a Password per username/level, but without going that far you could just use one of the following:

1- You can just configure your Privilege levels with the commands you want the users to have access to, and then set a different enable secret for each privilege

2- Configure "Views", with this way you can make each view like usernames and set a different password to each View while allowing all of them to have access to the same commands

Or go with the TACACS

CreatePlease to create content