cancel
Showing results for 
Search instead for 
Did you mean: 

Can we set password for console access to ICX, if yes, how ? please help me, I would owe someone for life!!!!

abilashpr
Contributor III
 
5 REPLIES 5

simon_pollard
Contributor II
aaa authentication login default local
enable aaa console
username password  

Use console timeout to set a timeout for console sessions.

Lots more details in the management and security configuration guides 
https://docs.arris.com/bundle?labels=181&labels=187&labels=186&labels=185&labels=184&labels=184&labe... 

abilash_pr_ir5b
New Contributor III
Hi Simon,

Thank you for the answer, but I was looking for something like securing ICX so that people cannot connect a console and recover it using boot option. 

Regards,
Abilash PR.

abilash_pr_ir5b
New Contributor III
Hi  Simon,

Could we disable ICX console port ?


Regards,
Abilash PR.

simon_pollard
Contributor II
Hi Abi

I don't know of a way of disabling the console port completely, if this were done and the password lost there would not be any way of recovering the switch. Setting a strong password on the switch is probably the best option and making sure the device is physically secure as the password recovery process via the boot-interrupt is very disruptive (it requires the switch to be restarted twice) and requires physical access to the switch so it is not considered a security issue in normal environments.

Another option is to put the switch into FIPS mode which disables password recovery is disabled, this also enforces a number of other security policies so please study the FIPS guide closely before enabling it.

https://docs.arris.com/bundle/fastiron-08090-fipscc-config/page/GUID-C97DB143-3D67-4D0C-BDA3-96432B1...

Simon