Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

restricted local user

I have SEVERAL routers that need to have their running configs backed up automatically on a weekly - or at least monthly - basis.

I'm calling a shell script via cron thats doing this just fine. The only thing missing is some fine grain control what the user can do.

Now I have a local user defined in the router but its a full fledged user. I like to have an account that can ONLY use the copy command, ie 'copy running-config tftp://blah/blah/blah'.

Suggestions?

P.S. I tried to backup the running-config via a snmp query but that kinda fell through - no resources found.

1 REPLY

Re: restricted local user

The way to do this is to define a user with privilege level 2:

username xxx privilege 2 password yyy

Define an enable password for privilege level 2:

enable secret level 2 blabla

After that define what additional commands the user with privilege 2 has access to:

privilege exec level 2 copy

privilege exec level 2 copy startup-config

Cheers,

Liviu

140
Views
5
Helpful
1
Replies
CreatePlease to create content