[es] - Cisco AAA pitanje

markom
Marko Milivojević
Network Engineer
Google
Mountain View

Član broj: 18427
Poruke: 4227
*.lina.net

Sajt: https://markom.rs

+16 Profil

Cisco AAA pitanje

^{15.09.2003. u 14:24 - pre 250 meseci}

Imam jedan mali problem koji mozda neko ume da resi (ja sam blago zapeo).

Naime, potrebno mi je da identifikovani korisnik na ruteru moze da vidi kompletnu radnu konfiguraciju (running-config). Moj dosadasnji rezultat je:

Code:

c2610#show run
Building configuration...

Current configuration : 13 bytes
!
!
!
!
end

c2610#show priv
Current privilege level is 10

I to posle:

Code:

c2610#aaa new-model
c2610#aaa authentication login default local
c2610#aaa authorization exec default local
c2610#username master privilege 15 password 0 password1
c2610#username slave privilege 10 password 0 password2
c2610#privilege exec level 10 show run

Hakeraj tipa:

Code:

c2610#privilege exec level 10 show startup-config
c2610#privilege exec level 10 write memory

pa onda kao neprivilegovani:

Code:

c2610#write mem
Building configuration...
[OK]
c2610#show start
Using 780 out of 29688 bytes
...

Mi je poznato resenje, ali mi ne odgovara.

Any hints?

OV SM
LA PK

Odgovor na temu

markom
Marko Milivojević
Network Engineer
Google
Mountain View

Član broj: 18427
Poruke: 4227
*.lina.net

Sajt: https://markom.rs

+16 Profil

Re: Cisco AAA pitanje

^{15.09.2003. u 17:44 - pre 250 meseci}

Eh, ne volim kad sam sebi odgovaram.

Sto se babi snilo ... Elem, resenje je ispod i manje-vise ne moze drugacije:

Code:

username slave privilege 15 password 0 password2
username slave autocommand show running-config
aaa new-model
aaa authentication login default local
aaa authorization exec default local

Rezultat je:

Code:

markom:~> telnet 10.0.0.1
Trying 10.0.0.1...
Connected to 10.0.0.1.
Escape character is '^]'.

User Access Verification

Username: slave
Password:

Building configuration...

Current configuration : 824 bytes
!
...

Marko.

OV SM
LA PK

Odgovor na temu