+91 90691 39140 | +1 253 214 3115 | info@hub4tech.com | hub4tech


Line Commands

To configure user-mode passwords, use the line command. The prompt then becomes

Router (config-line) #:
Router # config t
Router (config) # line

The line console 0 command is known as a major command (also called a global command), and any command typed from the (config-line) prompt is known as a subcommand.

Router (config) # line vty 0

Setting Passwords

Five passwords are used to secure your Cisco routers: console, auxiliary, telnet (VTY), enable password, and enable secret. The enable secret and enable password are used to set the password that’s used to secure privileged mode. This will prompt a user for a password when the enable command is used. The other three are used to configure a password when user mode is accessed through the console port, through the auxiliary port, or via Telnet.

Router (config) # enable secret cisco
Router (config) # enable password cisco123

Encrypting Your Passwords

Because only the enable secret password is encrypted by default, you’ll need to manually configure the user-mode and enable passwords for encryption.

To manually encrypt your passwords, use the service password-encryption command.

Router# config t
Router (config) # service password-encryption
Router (config) # exit


Sets the user-mode password for the auxiliary port. It’s usually used for attaching a modem to the router, but it can be used as a console as well.

Router# config t
Router (config) # line aux 0
Router (config-line) password cisco
Router (config-line) # login
.Router (config-line) # exit


Sets a console user-mode password.

Router# config t
Router (config) # line consol 0
Router (config-line) password cisco
Router (config-line) # login
Router (config-line) # exit


Sets a Telnet password on the router. If this password isn’t set, then Telnet can’t be used by default.

Router# config t
Router (config) # line vty 0 5
Router (config-line) # password telnet
Router (config-line) # login

Setting Up Secure Shell (SSH)

Instead of Telnet, you can use Secure Shell, which creates a more secure session than the Telnet application that uses an unencrypted data stream. Secure Shell (SSH) uses encrypted keys to send data so that your username and password are not sent in the clear.


A Banner is more than just a little cool—one very good reason for having a banner is to give any and all who dare attempt to telnet or dial into our internetwork a little security notice. And we can create a banner to give anyone who shows up on the router exactly the information we want them to have.

Message of the day (MOTD) is the most extensively used banner. It gives a message to every person dialing into or connecting to the router via Telnet or an auxiliary port, or even through a console port

Router (config) # banner motd *Welcome to router 1 *

Login banner

We can configure a login banner to be displayed on all connected terminals. This banner is displayed after the MOTD banner but before the login prompts. The login banner can’t be disabled on a per-line basis, so to globally disable it, you’ve got to delete it with the no banner login command.

Router (config) # banner login &You are into router 1&

Example of Telnet/Banner

Is it Helpful?
Copyright ©2015 Hub4Tech.com, All Rights Reserved. Hub4Tech™ is registered trademark of Hub4tech Portal Services Pvt. Ltd.
All trademarks and logos appearing on this website are the property of their respective owners.