[Cisco] 패스워드 변경, 시스템 기록 ( Common Command result )
Cisco Network
이 글은 단순히 시스템에 접속하여 간단한 명령어의 결과값을 좀 기록할 필요가 있어 기록하는 글이라. 개인적으로 보는 글이기 때문에 참조하는 글로는 적절하지 않을 수 있음.
환경 :
- Cisco L2 Switch SSH Connection ConsoleView Setting
- Privilege 15 Account SSH Connection
1. Command - ?
command "?"을 입력했을 때 나타나는 화면이다. 대략 지원되는 명령어가 display된다.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
Switch#?
Exec commands:
<1-99> Session number to resume
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
ap Global access points commands
archive manage archive files
authentication Authentication options for eEdge
beep Blocks Extensible Exchange Protocol commands
bulkstat Bulkstat exec commands
call-home Call-Home commands
cd Change current directory
clear Reset functions
clock Manage the system clock
cns CNS agents
codecov request cflow command
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
crypto Encryption related commands.
cts Cisco Trusted Security Exec Commands
debug Debugging functions (see also 'undebug')
delete Delete a file
device device classifier
diagnostic Diagnostic commands
dir List files on a filesystem
disable Turn off privileged commands
disconnect Disconnect an existing network connection
do-exec Mode-independent "do-exec" prefix support
dot1x IEEE 802.1X Exec Commands
eap EAP Exec Commands
enable Turn on privileged commands
erase Erase a filesystem
event Event related commands
exit Exit from the EXEC
format Format a filesystem
fsck Fsck a filesystem
help Description of the interactive help system
ip Global IP commands
issu issu commands
license Configure license.
lock Lock the terminal
logging Handles logging operations
login Log in as a particular user
logout Exit from the EXEC
macro Exec level macro commands
mediatrace Mediatrace Commands
mkdir Create new directory
monitor Monitoring different system events
more Display the contents of a file
mrinfo Request neighbor and version information from a multicast router
msp Exec command to attach profile to flow
mstat Show statistics after multiple multicast traceroutes
mtrace Trace reverse multicast path from destination to source
name-connection Name an existing network connection
no Disable debugging functions
ping Send echo messages
power Internal PS/RPS/SPS exec commands
pwd Display current working directory
redundancy Redundancy Facility (RF) exec commands
release Release a resource
reload Halt and perform a cold restart
rename Rename a file
renew Renew a resource
resume Resume an active network connection
rmdir Remove existing directory
routing-context Routing Context
rsh Execute a remote command
send Send a message to other tty lines
session Connect to a member
set Set system parameter (not config)
setup Run the SETUP command facility
show Show running system information
software Software commands
spec-file format spec file commands
ssh Open a secure shell client connection
stack-mac Stack-Mac commands
stack-power Stack power commands
switch Switch related paramtes
systat Display information about terminal lines
tclquit Quit Tool Command Language shell
tclsh Tool Command Language shell
telnet Open a telnet connection
terminal Set terminal line parameters
test Test subsystems, memory, and interfaces
traceroute Trace route to destination
tunnel Open a tunnel connection
udld UDLD protocol commands
undebug Disable debugging functions (see also 'debug')
upgrade Upgrade commands
verify Verify a file
vtp Configure global VTP state
where List active connections
wireless Configure wireless parameters
write Write running configuration to memory, network, or terminal
|
cs |
2. Command - show running-config
현재 설정된 설정을 보는 명령어이다.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
|
Switch#show running-config
Building configuration...
Current configuration : 4322 bytes
!
! Last configuration change at 05:55:33 UTC Mon Apr 18 2022 by admin
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 $1$09c0$gReHWethu5AiMd.ro77On/
enable password snowfox
!
username admin privilege 15 password 0 dsm1234
username ciscoadm password 0 dsm1234
username sac password 0 1234
no aaa new-model
switch 1 provision ws-c3850-24t
!
!
!
!
!
!
no ip domain-lookup
!
!
vtp mode transparent
!
!
diagnostic bootup level minimal
spanning-tree mode pvst
spanning-tree extend system-id
hw-switch switch 1 logging onboard message level 3
!
redundancy
mode sso
!
!
vlan 10
name 10
!
ip ssh authentication-retries 5
ip ssh version 2
!
class-map match-any non-client-nrt-class
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
ip address 192.168.1.201 255.255.252.0
negotiation auto
!
interface GigabitEthernet1/0/1
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/4
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/5
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/6
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/7
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/8
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/9
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/10
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/11
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/12
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/13
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/14
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/15
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/16
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/17
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/18
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/20
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/21
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/22
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/23
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/24
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
no ip address
!
interface Vlan10
no ip address
!
ip default-gateway 192.168.0.1
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
!
snmp-server community public RO
!
!
line con 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password dsm1234
login local
transport input telnet ssh
line vty 5 15
password cisco
login
!
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
!
wsma agent notify
profile httplistener
profile httpslistener
!
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
ap group default-group
end
|
cs |
3. Command - conf t
command "conf t"을 입력했을 때 나타나는 화면이고 설정 터미널에 진입하는 결과화면으로 보면 된다.
1
2
3
|
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#
|
cs |
4. Command - username {user} password {passwd}
유저를 특정(admin)하여 패스워드(white100)으로 변경하는 명령어인데 별다른 리턴값은 없다. 참고로 기존에 존재하는 유저라면 수정으로 진행이되고 계정이 없다면 유저가 추가되는 형태로 진행이 되는 명령어이다.
1
2
3
4
5
6
|
Switch(config)#username admin password white100
Switch(config)#
Switch(config)#
Switch(config)#username addddd password white1
Switch(config)#
|
cs |
5. Command - who
일반적인 linux에서 작동하는 who는 작동을 하는지 체크해보니 된다. 유닉스 기반에 커스텀한 OS라는 말이 맞는 것 같다(?)
6. Command - no username {user}
유저를 만들었다면 삭제하는 방법도 있는데 아래와 같이 "no username id"를 입력하면 confirm 메시지가 나오고 진행하면 삭제가 된다.
참고 :
https://www.tutorialandexample.com/configure-password
http://kb.eclipseinc.com/kb/ciscoaddremovelocalusers/