1. Home
  2. Cisco Systems
  3. Account Priviliges

Account Priviliges

Hello,

I'm trying to create a user for Rancid to grab the configs off of cisco devices. I don't really want to create a full privileged account. Ideally, I'd like an account that can log in, do "sh run" or "sh start" and get a full output.. but not be able to write anything either.

I was able to do this:

username rancid secret 5 $1$8tiB$FaJCn8Sr6wSTk4U4XawT9/ privilege exec level 1 show startup-config privilege exec level 1 show running-config privilege exec level 1 show

Which seems to do what I want, except it won't allow me to show the running-config.

Can anyone point me to a good resource? Or give me a hint?

Reply to
Jimsu
Loading thread data ...

Hi Jimsu,

Funny thing with the show running-config privilege is that it won't show you what you don't have the ability to configure... so you have to do something such as:

privilege exec level 1 configure terminal

For more details, check this out:

formatting link
neteng
formatting link

Reply to
pcmccollum

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.