Cisco IOS User Management

The fundamental level of security in Cisco IOS devices is password. Passwords are set for router lines and privilege levels from 1 to 15. For more fine grained control we can add administrative users and assign privilege levels for them instead of directly using prvilege level passwords.

This will add a user to the router's local user database:
RouterA(config)#username safeer password $my&pass12#$

Assign privilege level 10 to the safeer:
RouterA(config)#username safeer privilege 10

Alternatively, we can combine the two commands as:
RouterA(config)#username safeer privilege 10 password $my&pass12#$

By default Cisco Devices are configured to use password only authentication. To change this and instruct the device to use local user database do as follows:

To enable user based authentication for vty line (telnet)

RouterA(config)#line vty 0 197
RouterA(configline)#login local

Now login to the router through telnet

[safeer@LinuxBox1 ~]$telnet RouterA
Trying 192.168.0.14...
Connected to RouterA (192.168.0.14).
Escape character is '^]'.

User Access Verification

Username: safeer
Password:
RouterA#show privilege
Your current privilege level is 10

Now suppose that the router is not configured to accept usernames by default. You have the telnet password and a username password pair. In this situation you can use the "login" command to instruct the router to promt for a password:

[safeer@LinuxBox1 ~]$telnet RouterA
Trying 192.168.0.14...
Connected to RouterA (192.168.0.14).
Escape character is '^]'.

User Access Verification

Password:
RouterA>show privilege
Your current privilege level is 1
RouterA>login
Username: safeer
Password:
RouterA#show privilege
Current privilege level is 15