Can we set password for console access to ICX, if yes, how ? please help me, I
would owe someone for life!!!!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-09-2020 05:45 AM
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-09-2020 08:32 PM
aaa authentication login default local
enable aaa console
username password
Use console timeout to set a timeout for console sessions.
Lots more details in the management and security configuration guides
https://docs.arris.com/bundle?labels=181&labels=187&labels=186&labels=185&labels=184&labels=184&labe...
enable aaa console
username
Use console timeout to set a timeout for console sessions.
Lots more details in the management and security configuration guides
https://docs.arris.com/bundle?labels=181&labels=187&labels=186&labels=185&labels=184&labels=184&labe...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2020 10:47 AM
Hi Simon,
Thank you for the answer, but I was looking for something like securing ICX so that people cannot connect a console and recover it using boot option.
Regards,
Abilash PR.
Thank you for the answer, but I was looking for something like securing ICX so that people cannot connect a console and recover it using boot option.
Regards,
Abilash PR.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2020 12:08 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2020 08:39 PM
Hi Abi
I don't know of a way of disabling the console port completely, if this were done and the password lost there would not be any way of recovering the switch. Setting a strong password on the switch is probably the best option and making sure the device is physically secure as the password recovery process via the boot-interrupt is very disruptive (it requires the switch to be restarted twice) and requires physical access to the switch so it is not considered a security issue in normal environments.
I don't know of a way of disabling the console port completely, if this were done and the password lost there would not be any way of recovering the switch. Setting a strong password on the switch is probably the best option and making sure the device is physically secure as the password recovery process via the boot-interrupt is very disruptive (it requires the switch to be restarted twice) and requires physical access to the switch so it is not considered a security issue in normal environments.
Another option is to put the switch into FIPS mode which disables password recovery is disabled, this also enforces a number of other security policies so please study the FIPS guide closely before enabling it.
Simon
![](/skins/images/36040589FA2D2372A84792B8BB6A366C/responsive_peak/images/icon_anonymous_message.png)
![](/skins/images/36040589FA2D2372A84792B8BB6A366C/responsive_peak/images/icon_anonymous_message.png)