13 hours 57 minutes
Hello and welcome back. Dicey Anyone interconnecting Cisco networking devices Part one.
This is absurd to 13 using the seal I I'm Trend Darrow, and I'll be a structure for this course. In the last video, we went over how to access the command line interface of a switch
to include the Consul Port Telnet, S S H and a few of the Web server variations.
In this episode, we were covering how to actually use this, Eli, some of different modes and how the Cisco Iowa's tries to help you out.
All rights are learning objectives. For this episode, we're going over the differences in the user and privilege modes so little bit about passwords, security,
the tab completion and some other Iowa's help features. And that, lastly, with the debug and show commands
quick pre assessment here, what privilege level do you think the user mode is? Give you a few seconds to posit video and try and figure it out
right? It is user level one or privileged of a one
and like the rest this lesson This is my life set up right here at my Windows 10 host with a boom to server VM
at a council cable. US speed to it. The Windows 10 host is going through my so router to the switch and my boon to servers going right to the switch.
All right, So user and enable modes. So by default is two different privilege levels. There's user mode enabled.
So user mode is also called the user exact mode or execute mode. This is gonna be privileged of a one.
and the enable mode is going to be the provisional 15 or sometimes called the privilege Executive Otis. So you see, user motor privilege mode sometimes
so actually change in and out of the commands. You can tell you've been able to go from user mode to enable mode or disable
to go from enable mode to use her mode. So I'm gonna go ahead and bring up the party session here.
All right. So currently we are in. So if we do a show,
We're currently have 15. So we're in
the enable motor privileged executive. So if we do a disable
and do a show
privilege were now in privileged of a one or a user mode
or user exact mode,
and we're back in 15 again.
All right, so a little bit of passwords security. So by default, the only thing that has allowed his counsel access But the council has no actual passwords on it by the fault,
because they kind of assumed that if you have physical access to the switch, your should be allowed to be there.
Um, And if you're not supposed to be there, you can just follow the well documented password recovery procedures that Cisco has published.
Um, just kind of, you know, there is.
They assumed that if you're gonna be there, you're supposed to be there, or if you're not supposed to be here, you can just break it. It's not. It's not hard,
but you had the enable mode password. So that's actually to get into that privilege double 15 or the
privileged exact mode.
So it's a different ways of logging in, though. What you set up telling that Taurus the sage reasonable. The council. You can have a local username password database, which is where you guys see me, type in Trent and then type in a password and have that said it was a local account on the switch where you can actually set up online passwords as well, Where you just have ah, just log in.
So some of the common encryption types is type zero is just clear text. It's not encrypted at all. So I have a couple of these set up already in the switch, so I'm gonna bring putting back up.
But, uh, so tight fives nd five hashed type seven is vague near cipher, which is not strong. I'll show you how easy that is to crack in just a moment here
and then it to encrypt all passwords you do Service space, password, dash encryption. This is the This will actually encrypted with a type seven. So it's more or less used for shoulder surfing,
right? So if you look at his Ryan config, someone looks at the running config and sees a bunch of numbers. They're not gonna know
what the password is. Student, You know
it's not. It'll be super easy to crack.
What has stopped someone from just looking at a password real quick.
Go on, bring out my party session here
and let's do a
show Run. I'll show you a
So here we have my local log in username real quick.
Have it set too privileged little 15. So that way, when I log and I go right into the privileges executor and able mode,
this is with secret five. Meaning the five type there.
And this is the actual MD five hash. Right?
So I'm gonna show you a clear text password here. Show Run
It's a line.
So here we have a clear text password. So this would just be type zero
we have It is well done here,
So if we do a service
I got to you
and we go back to shore. Run, begin its line.
Now we are at password seven.
So I'm gonna copy this hash hero quick,
and I'm gonna ring up. Just you can look these up online. Cisco type seven passer trackers.
Somebody get poor decision of the way real quick.
So I'm just gonna paste in the hash verse about already right there.
I mean, just have a second. If not even
it takes no time to crack type seven.
That's why it's just usually just used for shoulder surfing. So If you look in the running config,
you can't really see it. That's about all it's used for.
So I was talking about the different log in types. So right now, if I log in on the S S h or tell nut it's set to use the local database, she'll see here the log in local.
So if let's say we want to do a cut off T line counsel
still a password of again,
and we just want to do log in
so many exit out of this,
Go back in. So now we need a password to go in the council.
So just do Nimda we're in because it's not utilizing that local password database like the tell Net and
sssh sessions are seeing
all right, someone to go out and close out of this real quick
heart again. MD five is the one you're actually gonna want. So the way you can get that is if you do an enable secret,
so let me actually bring back party again. Sorry.
And let's go into let me see if I have enable secret actually do so.
There's need to show Ron
begin at enable
Rio. So what I want to do.
You actually just copy this?
We're going to configuration terminal.
I've been no
paste. It's on now. If we go back to
that should be nothing. There
didn't pop because it hasn't been able command. So now we're just going to come for tea.
What to do? Enable.
And what options do we have? We can use password, which will give it
the clear text
where we can you secret, which will use the level for type five.
Where do? Named again.
Oh, that's right.
So that's what you can actually copy it from other router configurations.
So if you do enable secret five, this is telling you this is telling the switch, which, uh,
which type of hash it iss. Right. So you can just copy that exact tach, one or script. Pace it in here.
That way you don't ever have to see the clear texas long as you know it.
So now if we go back into the showroom
began at enable
we have the MD five hashed enable secret again.
So a little bit out Cisco makes life. He's here. I'm sure you've seen a little bit by now. We're
you know, I can hit tab and complete the word.
It's a quick way if you're trying to think of right word, you gonna tab if it completes, You know,
you know that it's about the right word.
Um, the question mark will tell you if you're in the middle of a word, it will tell you what words are available to for that to be completed with
or if you have, you know, calm configure space question mark. It will tell you the different types off
configurations you could do. So
the up and down arrows will go through your previous commands.
Left and right will move the arrows, control a We'll move you to be getting on the line,
Control. You will move you to the other line
so I will go ahead and bring putting up again and show you how it works.
So I'm gonna do camp
We bring in terminal so I won't hit the question mark.
And here's all the different commands we can use. So let's go ahead and do term tab.
No, we're in.
So if we go and to do it,
here's where you can actually use shorthand.
So you gonna interface f A 01
or we can do interface fast. Ethernet. It's zero slash one.
You can do both. They both do the same thing one just a little quicker,
But it is good to know the full command. Um,
I've heard where
some exams won't allow you to use the tab completion. Some will. So be aware that that is an option. You should know the command.
So if we go into switch ports
Sophie hit. We're in the middle of a word here which hit P question mark. And we have three different options. We have priority protected in port security.
Yes, we do others options so she can go and exit out of this
and we will move on. Okay, I'll show you the
let's say you're in the middle of this comment. I gotta go back to control a
backspace to what you want me. And then you can you can continue again
and we will move on. So, debugging show command. So debug is kind of tells you what is actually currently happening
in the switch. The show command kind of gives you a snapshot
of the different configurations of status is of the ports and switch can fix, right?
So once again, I will bring putty up here. Just get through that.
So if we do a show
I p interface F a 01
See, it's up and up
and her face phase. You're one.
Give a little more information here.
Got C Mac, we got a description that we had said earlier.
We're full duplex in 10 megabits per second.
Uh, I'm actually gonna go change that right now, so don't forget in the wonder why we're slow
So I believe we're going to auto here. Yeah,
so I have a couple of debug things going on right now. That's what all these you see in the back are doing right now.
So I do a show debugging.
Here's the three that I currently have on.
I just did it so you can kind of see that debug
happens in real time. It shows you everything that's happening in real time here.
So I'll show you another one real quick. You're gonna see. I'm gonna go unplug one of the switch ports
and you'll see it just go crazy again. So give me one moment.
All right? Now, I'm gonna go ahead and plug it back in.
All right? So you could see that debug does everything kind of real time. Um, the one commander gonna want to avoid his debug. All
I know, you might be curious,
but just in case you hit it, it's gonna warn you. Um, it will
kind of freezing your brother for a minute.
The quick way to get out of it, in case you do, is either to turn it off or
type you all you space all in our window and then copy it and Hanner
copy Paste on her. Um,
you all actually stands for under bug. All
So if you just copy that from a north thing and then just enter
turn it off. It will take a second to respond to it. You'll sit there and keep typing, and you wonder why it's not responding. It had takes a second to roll through all the commands, cause it'll be backlogged.
A quick post assessment here. What is the privilege level of the enable mode or the privileged exact mode?
Give you just a few seconds.
All right. Hopefully you got 15. Remember the Teen Able Motives 15 or privilege? Exact. And the user mode is one.
And in except sold. We're gonna go a little bit over the Cisco Iowa software management's.
And, of course, if you guys have questions or you need help, go and feel free to shoot the message. Otherwise, thank you for Washington's course,
and I look forward to teaching the rest of it. Thank you.
This course will enable students to understand virtualization and cloud services, and network programmability related to LAN, access and core segments.