最新消息:
    你的位置:IPCPU-网络之路 > IT技术 > Cisco IOS权限等级

    Cisco IOS权限等级

    IT技术 ipcpu 3230浏览

    Cisco IOS的权限等级有三个level0、level1、level15
    其中level0有5条命令,level1有大概40条命令,其余的都在level15中。
    高等级可以调用低等级的命令。

    用户EXEC模式-权限等级1   特权EXEC模式-权限等级15

    我们先看level0的命令:
    Router#enable 0
    Router>?
    Exec commands:
    disable  Turn off privileged commands
    enable   Turn on privileged commands
    exit     Exit from the EXEC
    help     Description of the interactive help system
    logout   Exit from the EXEC
    Router>enable 1
    % No password set
    Router>
    从level0进入level1提示密码没有设置。
    给level1设置密码:
    Router(config)#enable password level 1 0 ipcpu
    % Converting to a secret.  Please use “enable secret” in the future.
    !这里面的0表示明文显示,但是IOS自动把password转为secret。

    Router#enable 0
    Router>en
    Router>enable 1
    Password:
    Router>
    命令如下:
    Router>?
    Exec commands:
    access-enable    Create a temporary Access-List entry
    access-profile   Apply user-profile to interface
    clear            Reset functions
    connect          Open a terminal connection
    disable          Turn off privileged commands
    disconnect       Disconnect an existing network connection
    enable           Turn on privileged commands
    exit             Exit from the EXEC
    help             Description of the interactive help system
    lock             Lock the terminal
    login            Log in as a particular user
    logout           Exit from the EXEC
    mrinfo           Request neighbor and version information from a multicast
    router
    mstat            Show statistics after multiple multicast traceroutes
    mtrace           Trace reverse multicast path from destination to source
    name-connection  Name an existing network connection
    pad              Open a X.29 PAD connection
    ping             Send echo messages
    ppp              Start IETF Point-to-Point Protocol (PPP)
    resume           Resume an active network connection
    rlogin           Open an rlogin connection
    show             Show running system information
    slip             Start Serial-line IP (SLIP)
    systat           Display information about terminal lines
    telnet           Open a telnet connection
    terminal         Set terminal line parameters
    traceroute       Trace route to destination
    tunnel           Open a tunnel connection
    udptn            Open an udptn connection
    where            List active connections
    x28              Become an X.28 PAD
    x3               Set X.3 parameters on PAD

    Router>

    其实level1级别就是从console登录到路由router> 的最初级别

    接下来我们设置几个用户,将15级的命令clear line放到1级:

    Router(config)#username wss privilege 1 password wss
    登陆后
    Router>clear ?
    % Unrecognized command
    Router>en
    Password:
    Router#conf t
    Router(config)#privilege exec level 1 clear line
    再次用wss登陆
    Router>clear line ?
    <0-70>   Line number
    aux      Auxiliary line
    console  Primary terminal line
    tty      Terminal controller
    vty      Virtual terminal

    Router>clear line

    IOS可以使用privilege命令将1或者15的命令抠出来,放到其中的几个级别。

    我们平时使用的enable实际就是enable 15的简写
    Router(config)#enable secret level 15 0 ncist

    再次登陆验证!
    H3C设备的命令级别分4个: 访问级0级、监控级1级、系统级2级、管理级3级。

    转载请注明:IPCPU-网络之路 » Cisco IOS权限等级

    与本文相关的文章