cancel
Showing results for 
Search instead for 
Did you mean: 

enable super-user-password

nbctcp
New Contributor III

I need to understand behaviour of that command

I beleive function of "enable super-user-password" is like cisco enable.
Anyone that know that password could become admin after enable

# enable super-user-password adminpwd
Let say I have user operator2 with priviledge 5
When he login using his password then type enable, he could become admin like issuing "conf t"


The problem was, when I try to disable that command using this

#no enable super-user-password
Error - delete other passwords first, delete super-user password last
then I did
need to delete in order
#no enable read-only-password
#no enable port-config-password
#no enable super-user-password

After that any user in that switch including admin can't enable anymore using their own passowrd or "super-user-password" password

?
1. what's the correct procedure to disable "super-user-password" 
2. in what scenario I need to use it because anybody could become admin
tq

1 ACCEPTED SOLUTION

BenBeck
Moderator
Moderator

I'm not 100% sure of what you are seeing on the CLI there, but if you remove all three of those 'enable' commands, you simply will not have a default check when you type enable. I should note that this type of check is deprecated in 9.x and we now advise to use aaa lists to secure enable. If you are seeing something unexpected or need help configuring further, please feel free to open a case (see my signature). 

 

Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

View solution in original post

1 REPLY 1