Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Change Enable Password

We have ASA 5510, running 8.2 (2) IOS.  We want to change the enable password.  Is this the correct syntax?

enable password newpassword encrypted

Thanks.

5 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Blue

Re: Change Enable Password

laurabolda wrote:

We have ASA 5510, running 8.2 (2) IOS.  We want to change the enable password.  Is this the correct syntax?

enable password newpassword encrypted

Thanks.

Laura

The command references are the things to use when you need to know the syntax for a command -

ASA 8.2 command reference

note you only specify the "encrypted" keyword if the password you are entering is already encrypted ie. not clear text so you probably don't need it. See the command reference for full details.

Jon

Cisco Employee

Re: Change Enable Password

Jon is absolutely right.

To configure a new enable password: "enable password ", and the password will automatically be encrypted.

You only need to add the "encrypted" keyword if your password is already in encrypted format, normally if you RMA the appliance, and just restoring the configuration that has the password encrypted, then you would just copy and paste that "enable password encrypted" line.

Hope that helps.

Cisco Employee

Re: Change Enable Password

passwd is telnet password to the ASA.

Here is the command reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/p.html#wp1913898

Re: Change Enable Password

Laura,

To remove the telnet commands do a:

sh run telnet

and remove the commands.

The recommended access is via SSH.

Federico.

Cisco Employee

Re: Change Enable Password

Laura, you are absolutely correct.

If you just have the "telnet timeout 5" command, that means that telnet is already disabled.

You can safely remove the "passwd" statement.

8 REPLIES
Hall of Fame Super Blue

Re: Change Enable Password

laurabolda wrote:

We have ASA 5510, running 8.2 (2) IOS.  We want to change the enable password.  Is this the correct syntax?

enable password newpassword encrypted

Thanks.

Laura

The command references are the things to use when you need to know the syntax for a command -

ASA 8.2 command reference

note you only specify the "encrypted" keyword if the password you are entering is already encrypted ie. not clear text so you probably don't need it. See the command reference for full details.

Jon

Cisco Employee

Re: Change Enable Password

Jon is absolutely right.

To configure a new enable password: "enable password ", and the password will automatically be encrypted.

You only need to add the "encrypted" keyword if your password is already in encrypted format, normally if you RMA the appliance, and just restoring the configuration that has the password encrypted, then you would just copy and paste that "enable password encrypted" line.

Hope that helps.

New Member

Re: Change Enable Password

Thanks Jon and Halijenn.  One more question:  I also have the "passwd" statement below enable password.  What is this "passwd" statement?   Is this "passwd" different from the Enable Password.   I do not see it in the Command Reference Guide.  For example, I have the following in the Config.

enable password hiKujhC12luem encrypted

passwd 2Kd3iekdIdI.2KPOU encrypted

Thank you.

Cisco Employee

Re: Change Enable Password

passwd is telnet password to the ASA.

Here is the command reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/p.html#wp1913898

New Member

Re: Change Enable Password

Thanks for your prompt response, Halijenn.  I did not know the "passwd" statement is for telnet.  It must be installed by default.  So, I guess the default password would be "cisco".    That means I am able to telnet to the ASA, too and I did not know.   Would you recommend removing this telnet password since I already setup SSH?   Besides removing this "passwd" statement, do I also need to remove the telnet statement?

Thank you.

Re: Change Enable Password

Laura,

To remove the telnet commands do a:

sh run telnet

and remove the commands.

The recommended access is via SSH.

Federico.

New Member

Re: Change Enable Password

Federico,

When I typed "sh run telnet", I got "telnet timeout 5".  Does it mean telnet is NOT allowed?

When I tried to telnet to the ASA, I got "connection to session XX.XXX.XXX.XX failed.  Connection timed out".  Does it mean telnet is NOT allowed?

So, is it OK to remove the passwd statement?

Thanks.

Laura

Cisco Employee

Re: Change Enable Password

Laura, you are absolutely correct.

If you just have the "telnet timeout 5" command, that means that telnet is already disabled.

You can safely remove the "passwd" statement.

1166
Views
0
Helpful
8
Replies
CreatePlease to create content