Privilege Mode In Enable Mode

The yangcli-pro program supports a privileged mode in the yp-shell enable mode.

If CLI parameter --with-enable-mode=true is used, the user must enter the command 'enable' and provide the password if configured before they gain a privilege exec mode to change the configuration of the server. The command 'config term' will only be present in enable mode. Within enable mode, the 'config term' command is used to enter configuration mode.

  • Use the enable command to enter ‘enable mode’.

  • Use 'enable password' to create a password.

  • Use 'enable no-password' to delete the password.

The 'enable password' command is used to configure a password and store it in the $HOME/.yumapro/.yangcli_password.pswd file. After a password is configured, the privilege mode will be enabled and the password file will be saved. Any time the user enters the enable mode, the user is prompted for the password instead of just going to the enable mode right away.

The 'enable no-password' command will delete the configured password and the $HOME/.yumapro/.yangcli_password.pswd file. The privilege mode will be disabled.

If the server does a factory restart then the .yangcli_password.pswd file will be deleted by the server and password will be removed. The privilege mode will be disabled.

The 'enable' command is only available in the yp-shell program. The yangcli-pro program does not have this command.

If --with-enable-mode=false, or not used, the 'config term' command will be present and the 'enable', 'enable password', and 'enable no-password' commands will not be present.

./yp-shell with-enable-mode=true --restrict-edit-mode=true

enable (config mode)

Use the enable command to enter enable mode. This command will cause the '#' prompt to be used. Only config mode commands such as "apply" and "exit" are allowed in this mode.

user1> show vars | include with-enable-mode
  with-enable-mode true

user1> show vars | include restrict-edit-mode
  restrict-edit-mode true

user1> enable <TAB>
no-password  password
user1> help enable full

  Use 'enable' to enter enable mode for yp-shell.
  Use 'enable password' to configure the password.
  Use 'enable no-password' to remove the password.

  If a password has been set, then it will be required to
  enter enable mode.
    choice pass
      leaf password [string]
        Configure the password.

      leaf no-password [empty]
        Remove the password.

user1> enable
config  exit

thue@andy-u14# config t

user1(config)# int8.1 8

user1(config)# do show running
nc:rpc-reply {
  data {
    t:int8.1 8

user1(config)# exit
user1# exit

enable password

Use the 'enable password' command to configure a password. After the password is configured, future attempts to enter enable mode by the user will be prompted for the password instead of just going to enable mode right away.

user1> enable password=xxxxxxxxx
Re-enter password:
Enable password entered

user1> enable
Enter password:xxxxxxxxx

user1# config t
user1(config)# exit
user1# exit

user1> enable
Enter password:xxxxxxxxx


enable no-password

Use the 'enable no-password' to delete the configured password. After this command, the user will enter enable mode without getting prompted for password.

user1>enable no-password
Enable password entered:
Enable password removed

user1> enable

user1# <TAB>
user1# config exit