Adding Cisco IOS or NX-OS Systems

Overview

If you are adding a Cisco IOS or Cisco NX-OS system, you can add a user name and password for an account to be used to access the system when adding the system or at a later time.

You can specify any valid local user account and password. In most cases, however, you would specify admin or an account with similar privileges for which you want to manage the password. Only local accounts that can change their own passwords are supported.

For any account you add, you can choose whether or not you want the Privileged Access Service to manage the account password. If you select Manage this credential, the Privileged Access Service automatically resets the password immediately after the account and system are added and each time the account is checked in.

If you select Manage this credential for Cisco IOS and NX-OS devices, you should keep in mind that the Privileged Access Service can only manage passwords for privileged user accounts that have sufficient rights to configure and save settings. In addition, if there are any pending changes for other user accounts, those changes will be saved when the Privileged Access Service updates a managed password.

You should also keep in mind that only the Privileged Access Service will know the managed password being generated and stored. You should not select this option if you don’t want the Privileged Access Service to manage the password for the account.

For more information about password and system management for Cisco systems, see the following topics:

• Password Complexity Rules
• Changing Cisco IOS or NX-OS System Settings

Password Complexity Rules

All managed passwords generated by the Privileged Access Service consist of at least one upper case letter, one lower case letter, one number, and one special character regardless of the system type. For Cisco NX-OS systems, the following additional password rules apply:

• Minimum password length: 12 characters.
• Maximum password length: 32 characters.
• Supported special characters: !@#%&()*+,-./:;<>[]^_{|}~

For Cisco IOS systems, the following additional password rules apply:

• Minimum password length: 12 characters.
• Maximum password length: 25 characters.
• Supported special characters: !@#$%&()*+,-./:;<=>[]^_{|}~

Changing Cisco IOS or NX-OS System Settings

You can use the System Settings to update the following types of information after adding a system:

• Change the session type or port number for remote connections.

  You can manually select secure shell or remote desktop and change the port number for remote sessions. If you don’t specify a session type and port, the secure shell client and port 22 are used by default.

• Select a system time zone.

  You can manually select the time zone you want to use for any system. If you don’t specify a time zone, the local time zone of the system is used by default.

• Add or modify the optional description of the system.