WebsiteLinkedIn

Create a New Cisco IOS User

Step 1:

  • Log into the Cisco IOS command line interface (CLI) using your assigned credentials.

  • Enter the following CLI commands to create a user with the required privileges. In the code example below, items in line 2 have explanations in the tip shown below the code example.

Configure terminal
Username <epiphany_user> privilege <privilege# 2-14> secret <password>
Privilege exec all level <user_privilege> show
File privilege <user_privilege>
Exit
Write memory

Code Line 2 Explanations

  • Username: The recommended username is epiphany.

  • Privilege: The privilege number cannot be 0, 1, 15, or another number currently in use unless it is a read-only level.

  • Password: Be sure the password meets your organization’s password policy.

Example Commands

Here is an example of what the commands should look like:

Configure terminal
Username epiphany privilege 5 secret supersecretpassword
Privilege exec all level 5 show
File privilege 5
Exit
Write memory

Users can also be created in an AAA Server. These privileges are made to provide Epiphany the minimum rights needed to perform its tasks..

Enable SSHv2

Step 2:

  • Enter the following CLI commands to enable SSHv2 on the Cisco IOS appliance. In the code example below, items in lines 2 and 3 have explanations in the tip shown below the code example.

Configure terminal
*ip domain-name <domain name for org>
*crypto key generate rsa modulus 1024
ip ssh version 2
Username <previously created user>
Key-string
End
Write memory

Code Lines 2 and 3 Explanations

  • Line 2: The command in line 2 is only needed if a domain name is not currently set up. It is needed to use SSHv2.

  • Line 3: The modulus needs to at least be 768 for SSHv2. 1024 is recommended.

Example Commands

Here is an example of what the commands should look like:

Configure terminal
ip domain-name orgdomainname
crypto key generate rsa modulus 1024
ip ssh version 2
Username epiphany
Key-string
End
Write memory

This process must be repeated for all Cisco IOS devices that Epiphany will interact with.

JSON Storage of Network Credentials

Step 3:

  • The username, password, and IP address need to be stored in a JSON file in the format shown below:

{"ip":"192.168.0.1", 
    "user":"username", 
    "passw":"password123"}, 
{"ip":"192.168.0.2", 
    "user":"username", 
    "passw":"password123"}

Be sure the data is stored in a secure location prior to uploading it to Epiphany.

PreviousCisco IOSNextAdd the Cisco IOS Credentials to Epiphany

Last updated