# Create a New Cisco IOS User

#### Step 1: 

* Log into the Cisco IOS command line interface (CLI) using your assigned credentials.
* Enter the following CLI commands to create a user with the required privileges. In the code example below, items in line 2 have explanations in the <img src="/files/iiOqXip42js7K4ejLRXj" alt="" data-size="line"> tip shown below the code example.

```
Configure terminal
Username <epiphany_user> privilege <privilege# 2-14> secret <password>
Privilege exec all level <user_privilege> show
File privilege <user_privilege>
Exit
Write memory
```

{% hint style="info" %}

#### Code Line 2 Explanations

* **Username:** The recommended username is **epiphany**.
* **Privilege:** The privilege number cannot be 0, 1, 15, or another number currently in use unless it is a read-only level.
* **Password:** Be sure the password meets your organization’s password policy.
  {% endhint %}

#### Example Commands

Here is an example of what the commands should look like:

```
Configure terminal
Username epiphany privilege 5 secret supersecretpassword
Privilege exec all level 5 show
File privilege 5
Exit
Write memory
```

{% hint style="info" %}
Users can also be created in an AAA Server. These privileges are made to provide Epiphany the minimum rights needed to perform its tasks..
{% endhint %}

### **Enable SSHv2**

#### Step 2:&#x20;

* Enter the following CLI commands to enable SSHv2 on the Cisco IOS appliance. In the code example below, items in lines 2 and 3 have explanations in the <img src="/files/iiOqXip42js7K4ejLRXj" alt="" data-size="line"> tip shown below the code example.

```
Configure terminal
*ip domain-name <domain name for org>
*crypto key generate rsa modulus 1024
ip ssh version 2
Username <previously created user>
Key-string
End
Write memory
```

{% hint style="info" %}

#### Code Lines 2 and 3 Explanations

* **Line 2**: The command in line 2 is only needed if a domain name is not currently set up. It is needed to use SSHv2.
* **Line 3**: The modulus needs to at least be 768 for SSHv2. 1024 is recommended.
  {% endhint %}

#### **Example Commands**

Here is an example of what the commands should look like:

```
Configure terminal
ip domain-name orgdomainname
crypto key generate rsa modulus 1024
ip ssh version 2
Username epiphany
Key-string
End
Write memory
```

This process must be repeated for all Cisco IOS devices that Epiphany will interact with.

## **JSON Storage of Network Credentials**&#x20;

#### Step 3:&#x20;

* The username, password, and IP address need to be stored in a JSON file in the format shown below:

```json
{"ip":"192.168.0.1", 
    "user":"username", 
    "passw":"password123"}, 
{"ip":"192.168.0.2", 
    "user":"username", 
    "passw":"password123"} 
```

{% hint style="warning" %}
Be sure the data is stored in a secure location prior to uploading it to Epiphany.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.reveald.com/technical-documentation/data-sources/cisco-ios/create-a-new-cisco-ios-user.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.