show privilege
Displays the current privilege level of the user session, used to verify access rights and confirm the effective privilege level after authentication or privilege escalation.
show privilegeWhen to Use This Command
- After logging in to a device, verify that you have the expected privilege level (e.g., 15 for full access).
- Troubleshoot why certain commands are not available by checking if the current privilege level is sufficient.
- After using the 'enable' command, confirm that the privilege level has been elevated.
- When configuring privilege levels for different users, test that the correct level is assigned.
Command Examples
Verify current privilege level after login
show privilegeCurrent privilege level is 15
The output shows the current privilege level is 15, which is the highest level (privileged EXEC). This indicates the user has full access to all commands.
Check privilege level after using 'enable'
show privilegeCurrent privilege level is 1
The output shows privilege level 1, which is user EXEC mode. This means the user has not yet entered the enable command or authentication failed, so only basic commands are available.
Understanding the Output
The output of 'show privilege' is a single line indicating the current privilege level. The privilege level is an integer from 0 to 15. Level 1 is user EXEC mode (limited commands), level 15 is privileged EXEC mode (full access). Levels 2-14 are custom levels that can be configured. A level of 0 is reserved for the most basic commands. In a real network scenario, if you see level 1 but expect level 15, you need to use the 'enable' command and provide the correct password. If you see level 15 but cannot execute certain commands, check if those commands are restricted to a specific privilege level or if there are other authorization mechanisms (like AAA) in place.
CCNA Exam Tips
CCNA exam tip 1: The 'show privilege' command is often used in troubleshooting scenarios to verify that the user has the appropriate access level.
CCNA exam tip 2: Remember that privilege level 15 is the highest and gives full access; level 1 is the default for user EXEC mode.
CCNA exam tip 3: The exam may test your understanding that 'enable' command raises the privilege level from 1 to 15 (or a configured level).
CCNA exam tip 4: Be aware that AAA can override local privilege levels; 'show privilege' reflects the effective level after authentication.
Common Mistakes
Mistake 1: Assuming that being in privileged EXEC mode always means privilege level 15 — it could be a lower level if custom levels are configured.
Mistake 2: Forgetting to use 'show privilege' after 'enable' to confirm the privilege escalation was successful.
Mistake 3: Confusing 'show privilege' with 'show users' or 'show sessions' — they show different information.
Related Commands
aaa authentication login default group radius local
Configures AAA authentication for login using a RADIUS server group as the primary method, falling back to local authentication if the RADIUS server is unreachable.
show users
Displays active user sessions on the router, including line type, idle time, and remote IP addresses, useful for monitoring who is logged in and troubleshooting connectivity issues.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions