2-13
Configuring Username and Password Security
Saving Security Credentials in a Config File
You can enter a manager, operator, or 802.1X port-access password in clear
ASCII text or hashed format. However, manager and operator passwords are
displayed and saved in a configuration file only in hashed format; port-access
passwords are displayed and saved only as plain ASCII text.
After you enter the complete command syntax, the password is set. You are
not prompted to enter the password a second time.
This command enhancement allows you to configure manager, operator, and
802.1X port-access passwords in only one step (instead of entering the
password command and then being prompted twice to enter the actual
password).
■ For more information about configuring local manager and operator
passwords, refer to “Configuring Username and Password Security” on
page 2-1 in this guide.
■ For more information about configuring a port-access password for
802.1X client authentication, see “802.1X Port-Access Credentials” on
page 2-14 in this guide.
SNMP Security Credentials
SNMPv1 community names and write-access settings, and SNMPv3
usernames continue to be saved in the running configuration file even when
you enter the include-credentials command.
In addition, the following SNMPv3 security parameters are also saved:
where:
<name> is the name of an SNMPv3 management station.
[auth <md5 | sha>] is the (optional) authentication method used for the
management station.
<auth-pass> is the hashed authentication password used with the
configured authentication method.
user-name <name>: the optional text string of the user name
associated with the password.
<hash-type>: specifies the type of algorithm (if any) used to
hash the password. Valid values are plaintext or sha-1
<password>: the clear ASCII text string or SHA-1 hash of the
password.
snmpv3 user “<name>" [auth <md5|sha> “<auth-pass>”]
[priv “<priv-pass>"]
