Courseiva
SystemGlobal Config

line console 0

Enters line configuration mode for the console port (line 0) to configure console access parameters such as password, timeout, and exec mode.

Syntax·Global Config
line console 0

When to Use This Command

  • Setting a password for console access to secure the router's physical port.
  • Configuring exec-timeout to automatically log out idle console sessions.
  • Enabling logging synchronous to prevent syslog messages from interrupting command input.
  • Setting the privilege level for console users to restrict access to commands.

Command Examples

Basic console password and timeout configuration

line console 0 password cisco login exec-timeout 5 30
Router(config-line)# password cisco
Router(config-line)# login
Router(config-line)# exec-timeout 5 30
Router(config-line)#

The 'password cisco' sets the console password to 'cisco'. 'login' enables password authentication at login. 'exec-timeout 5 30' sets the EXEC timeout to 5 minutes and 30 seconds.

Enabling logging synchronous and setting privilege level

line console 0 logging synchronous privilege level 15
Router(config-line)# logging synchronous
Router(config-line)# privilege level 15
Router(config-line)#

'logging synchronous' prevents console messages from interrupting command input. 'privilege level 15' grants full privileged EXEC access to console users.

Understanding the Output

The 'line console 0' command itself does not produce output; it changes the prompt to 'Router(config-line)#'. Subsequent configuration commands are entered under this mode. The 'show running-config | section line con 0' command can be used to verify the configuration. Look for lines such as 'password cisco', 'login', 'exec-timeout 5 30', 'logging synchronous', and 'privilege level 15'. Ensure the password is not in plaintext if 'service password-encryption' is enabled. A missing 'login' command means no password is required, which is a security risk. The exec-timeout should be set to a reasonable value (e.g., 5 30) to prevent unauthorized access from idle sessions.

CCNA Exam Tips

1.

Remember that 'line console 0' is used for the physical console port; 'line vty 0 4' is for remote Telnet/SSH access.

2.

The 'login' command is required to enforce password authentication; without it, the password is ignored.

3.

CCNA exam may test that 'exec-timeout 0 0' disables timeout (not recommended for security).

4.

Know that 'logging synchronous' is a common console configuration to improve usability.

Common Mistakes

Forgetting to issue the 'login' command after setting a password, resulting in no authentication.

Setting 'exec-timeout 0 0' thinking it means no timeout, but it actually disables timeout, which is a security risk.

Confusing 'line console 0' with 'line vty 0 4' and applying console-specific commands to VTY lines.

Related Commands

exec-timeout [min] [sec]

Sets the inactivity timeout for an EXEC session on a line, automatically logging out idle users to free up resources and enhance security.

line vty 0 4

Enters line configuration mode for virtual terminal (VTY) lines 0 through 4 to configure remote access settings like Telnet/SSH, ACLs, and timeout parameters.

logging synchronous

Prevents console and VTY line output from being interrupted by unsolicited system messages, ensuring that command output remains readable.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions