Line console password vs privilege mode enable secret

Hi all,
Below is my running config ->
line con 0
exec-timeout 0 0
privilege level 15
password cisco
logging synchronous
login
q1) how come every time i will enter privilege mode once i enter the console password ? can I choose to enter normal user mode instead ? is it via setting the privilege level ?
q2) I understand that for enable privilege mode, i can set secret/encrypted password for the enabling.
R1#config t
R1(config)#enable secret cisco
Where does the encryption take place ? is it only to just md5 the password text in the configuration file only ? if i were to sniff the password over the network, i will still see clear text "cisco" ?
q3) Why can't i do so (setting secret/encrypted) password for line (vty,con etc) login ?
q4) for q3, after google, i realize i need to issue service password-Encryption
a) does this command "encrypt" again my current enable secret password ? -- i think its no cause i see no changes in show run
b) why do we have to issue this command to encrypt my line,vty etc password ? why can't we use the "secret" command ?
c) what the different between this "service password-Encryption" and "secret" ? why do we need to have both ?
q5) is all the service password-Encryption, enable secret etc, just basically hashing or encrypting the actual text password in the config file. is there anyway of encryption over the network ?
Thanks,
Noob

a) why vty, console line cannot have hashed password like enable secret ? -- the only way to use secret is to have login local and create local username with secret password
Because they can't, its as simple as that really.
Like you said, the only way to protect the password using an MD5 hash is to create a username and password and ensure you use the secret command like:
username admin secret password
b) is all the service password-Encryption, enable secret etc, just basically hashing or encrypting the actual text password in the config file. is there anyway of encryption over the network ?
Its just using an MD5 hash
Where its encrypted or not over the network will depend on whether you use Telnet or SSH to connect to the switch.
Telnet is plain text so even using an MD5 password will still be visible if someone were to packet capture your telnet session.
SSH in encrypted so use this whenever possible.

Similar Messages

Line Console Login

Hello Everyone,
Since i've configured ssh on my vpn router IOS won't let me add the "login" command on line console 0. I know it's an aaa issue but im not that familar with aaa. How can i restore the login feature in line console with aaa new-model enable?
Configs:
Building configuration...
Current configuration : 5741 bytes
version 12.4
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
no service password-encryption
hostname my_vpn
boot-start-marker
boot system flash c870-advipservicesk9-mz.124-4.T8.bin
boot-end-marker
logging buffered 8196 debugging
enable password 1234
aaa new-model
aaa session-id common
resource policy
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
ip cef
no ip domain lookup
ip domain name mydomain.com
username cisco password 0 cisco
snip
line con 0
password cisco
no modem enable
line aux 0
line vty 0 4
password abcd
transport input telnet ssh
Thanks

Guys,
I found this site lastnight and is actually just what you guys suggested.
http://www.freeccnaworkbook.com/labs/section-3-configuring-basic-cisco-device-security/lab-3-3-configuring-aaa-authentication-lists/
Rick,
I used aaa new-model because i use ssh with rsa to remotely login into the router.
Configs:
Building configuration...
Current configuration : 5741 bytes
version 12.4
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
no service password-encryption
hostname my_vpn
boot-start-marker
boot system flash c870-advipservicesk9-mz.124-4.T8.bin
boot-end-marker
logging buffered 8196 debugging
enable password 1234
aaa new-model
aaa authentication login console_authentication local
aaa authorization console
aaa session-id common
resource policy
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
ip cef
no ip domain lookup
ip domain name mydomain.com
username cisco privilege 15 password cisco
snip
line con 0
password cisco
login authentication console_authentication
no modem enable
line aux 0
line vty 0 4
password abcd
transport input telnet ssh
Thanks
Cyril

Login to directly into "privilege mode"

Hi All,
I have created users and given them telnet access to router 7200.
They have full privilges(15) but everytime they login they login into user-exec mode instead of privilege mode.
Is there a way to skip user-exec mode and allow the users to login directly into privilge mode so they dont have to enter password twice?
Thanks!!

Opening a new thread might be a good idea - though at this point we have gone far enough (and I am not sure how much further this discussion will go) that we might as well just continue this thread.
While IOS devices have mechanisms that will allow you to configure that a user goes directly into privilege mode I do not believe that this works on the ASA - at least for the command line. If you login to ASDM to manage the ASA you will go directly to privilege mode. But for command line (SSH, telnet, etc) you will go to user mode and be required to enter another password for privilege mode. I do not know a way to get around that for ASA command line.
HTH
Rick

TACACS+ not log into privilege mode

With the same TACACS+ account, I observed different behavior on different routers.
On some routers, it automatically goes into privilege mode (enable mode). On others, it doesn't.
Router config is as below. What debug I need to turn on to troubleshoot this problem? Thanks!
aaa new-model
aaa group server tacacs+ corp
server-private x.x.x.x key 7 12383525115F07123B
server-private y.y.y.y key 7 052A363D2218451F08
ip vrf forwarding corp
aaa authentication login default group corp local-case
aaa authorization exec default group corp if-authenticated
aaa authorization commands 15 default group corp if-authenticated
aaa accounting exec default
action-type start-stop
group corp

To force you computer into safe mode you will need to edit the boot.ini file if you are unable to use F8 Boot-Time screen.
Append your boot.ini file with the following switches:
Mode: Safe Mode
     Switch: /safeboot:minimal
Mode: Safe Mode with Networking
     Switch: /safeboot:network
Mode: Safe Mode with Command Prompt
     Switch: /safeboot:minimal(alternateshell)
So it will look something like the following:
[boot loader]
   timeout=30
   default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
   [operating systems]
   multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows XP" /fastdetect /SAFEBOOT:MINIMAL
**REMEMBER**
Editining this file can be dangerous and can cause the system to be unbootable if you get something wrong.
There is no reason why the F8 command shouldnt work, Just keep tapping it as soon as the PC POSTs
To Disable Automatic Reboot on a BSOD:
1. From the desktop right click on My Computer.
2. Click the Properties option.
3. In the System Properties window click the Advanced tab.
4. In Advanced click the Settings button under Startup and Recovery.
5. In the Startup and Recovery window uncheck the Automatically restart check box.
6. Click Ok.
Hope This Helps

Disable password for privileged Exec mode via Telnet

I've looked around for an answer for this specific issue but haven't been able to find one yet. Hoping this is easy and someone can point me in the right direction.
When logging into a 2950 switch via Telnet, I'm prompted for a password when attempting to "enable" privileged mode. I want to disable the password requirement for now (home lab, not production). When I initiate the "no enable password" or "no enable secret" command (via a console connection), and try to initiate the enable command, I receive the message "% No password set". If I now attempt to enable privileged mode from the console, I'm not asked for a password. How can I disable the password prompt for VTY mode?
Thanks!

Thanks for the suggestion; I've tried it but am still asked for a password.
From global config, I entered:
line vty 0 15
privilege level 15
exit
Am I missing any steps there?
Thanks!

ACS 5.3 Different password for privilege exec mode

This is what I would like to do for our Core Routers. Not too familiar with ACS, so please excuse me if I don't provide you will all the details.
Right now I have ACS 5.3 which is tide to Active Directory. When a user logs in they use there AD credentials to access the CLI and use that same password to access privileged exec mode.
What I want to do is have users log in using their AD credentials like normal but have a unique password to access privileged exec mode, different for each user.
So far this is what I have done:
1) Created a test user (same as AD user name) in the Internal Identity Store
Password Type: Internal Users
normal password set differently that Enable Password (I think Enable Password will only be relevant)
2) Created a rule under Access Policies > Device Admin - Commands > Identity
- Created Rule with Current Condition Set (TACACS+:Authen-Type match ASCII And (TACACS+:Action match Login AND TACACS+Service match Enable))
- Identity Source: Internal Users
When I enable the rule. I can login with my AD credentials, but when I try to access privilege exec mode the password that I created for the local user (regular and enable) does not work.
Question: Do I need to create a shell profile with Maximum privilege value set to something under 15 for the authorization policy and apply it so it will try and use the internal user's enable password?
Not to familiar with how this works. One of my co-workers said I needed to demote the users in order for my rule to work.

Hey Tushar,
That is our current setup. Right now each user logs in with their AD credentials to get into user exec mode and the same password to get into privileged exec mode. I would like to have a user login with their normal AD credentials to get into user exec mode and a different password (specific to each user, not locally on the device) to login to privileged exec mode. We are doing this for security reasons. Hopefully that clarifys what I'm trying to do.
Thanks

How I can connect to router without enterign enable- privilege mode 15?

I don't want ot enter enable mode->privilege mode 15
I want to connect from console to router with entering privelege username and connect to router.
How I can do this?
Thank you

I should do this with aaa-new model and use local username and password

Enable secret

I am a newbie, having just recently acquired my CCNA. I have a new 2811 that I am configuring and the login process is not working as I am used to seeing it work. During the initial setup of the router, I followed the instructions in the banner that indicated I should configure a user and password using the following command:
username router privilege 15 secret 5 password
The privilege keyword is not something I have seen before. I have since researched it and understand it but I think this command is getting in the way of the "standard" login procedure I am used to seeing; in other words, entering a console or vty password followed by using the "enable" command and entering the enable password to get into privileged mode. As it stands now, I can telnet to the router, enter the username and password and get right into privileged mode. I can't decide if this is a security issue or not. The password that is associated with this login method is encrypted just like the enable password I am used to so it seems as though it should be OK. I also configured vty and console passwords on this router but I am now wondering if they are necessary. Will this "privileged" command suffice for both vty and console access? Can anybody shed any light on this for me?
Thank you.
Dan Harris

Dan, if you enter the privilege 15 command this will take you directly to the enabled mode. This is the 'expected' behavior. If you don't want this to happen, change it to:
no username router privilege 15 secret 5 password
username router secret 5 password
Making CLI users login 'directly' into the enable/privileged mode is considered 'less' secure. But that is relative to your security policy and usability requirements. However you will required a privilege 15 user if you plan to user the web-interface to manage the box.
Regards
Farrukh

Why do my firewalls only use the domain username and password for login and enable passwords, not a different enable password like my switches do? The RADIUS config looks the same...

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman","serif";}
Issue:
Cisco firewalls require only one level of password i.e. the domain username and password are used for both logging in as well as reaching global configuration mode.
Background:
We have multiple Cisco network devices set up which authenticate to our Windows domain controller using NPS (Windows 2008 R2). The switches we have set up all function exactly as we would hope as they require your domain username and password to login to the device. They then require a separate password when you use the enable command, this is stored in Active Directory:
Switches:
Username:domain-username
Password:domain-password
SWITCH>enable
Password:enable-password-in-Active-Directory
SWITCH#
Firewalls (as they currently are):
Username:domain-username
Password:domain-password
FIREWALL>enable
Password:domain-password
FIREWALL #
With the firewalls however, they require your domain username and password first, and then your domain password again when using the enable command. I want the firewalls to use the enable level password that the switches currently use instead of the domain password again. The current configuration look like the following:
Current switch configuration:
aaa new-model
aaa authentication login default group radius local
aaa authentication enable default group radius enable
aaa authorization exec default group radius local
aaa session-id common
radius-server host 192.168.0.1 auth-port 1645 acct-port 1646
radius-server source-ports 1645-1646
radius-server key 7 1234abcd
Current firewall configuration:
aaa-server DC01 protocol radius
aaa-server DC01 (outside) host 192.168.0.1
aaa authentication ssh console DC01 LOCAL
aaa authentication enable console DC01 LOCAL
key 1234abcd
Any help would be great, thanks!

Cisco ASA works that way by design. You could remove "aaa authentication enable" and then you could use the "enable password" command to set your enable password.
But if you do that, then ASA would change your username to "enable_15". That would break Authorization and Accounting if you're using them. Let me clarify with an example
Firewalls :
Username:domain-username
Password:domain-password
FIREWALL>show curpriv
Username : domain-username
Current privilege level : 1
Current Mode/s : P_UNPR
FIREWALL>enable
Password:enable-password-from-running-config
FIREWALL #show curpriv
Username : enable_15
Current privilege level : 15
Current Mode/s : P_PRIV
If you're using Authorization and Accounting it's recommended to stick with your current behavior.

ACS with RSA for privilege level 'enable' authentication

Has anyone experienced problems with privilege level "Enable" password authentication via ACS using RSA two factor authentication? We have recently deployed ACS and use RSA two factor authentication for the telnet connection without any problems. When configuring the networking device and ACS to use RSA for the privelledge level authentication "enable" this fails. We get prompted to enter the token code and the RSA server indicates that authentication is succesful however the network device (ASA or switch) seems to reject it.
Are there any tricks to this?
Thanks in advance!

David
Like Collin the first thing that I think of is that you can not use the same token code to authenticate enable mode that was used to authenticate user mode. Beyond that I am not aware of things that should prevent this working. Are you sure that the ACS authentication server is configured to allow that user access to privilege mode?
Perhaps it would be helpful if you would post the config (especially all the aaa related parts) of a device that is having that problem. And it might help find the issue if you would run debug for authentication, try to login to enable mode, and post the output.
HTH
Rick

ACS Appliance 1112 - Authentication Without Enable Secret

Hello Everybody
I have a ACS appliance 1112 to authenticate users by TACACS+ with Active Directory.
The users can access the privileged mode on network devices just with the user AD without typing a enbale secret but after a restart on appliance now the users are asked to typing a enable secret to access the privileged mode.
Is necessary change something on Network Devices or maybe a configuration on ACS ?
Thanks

Please go to the group that belongs to the user in question and make sure we have shell exec checked with priv 15
Bring users/groups in at level 15
1. Go to user or group setup in ACS
2. Drop down to "TACACS+ Settings"
3. Place a check in "Shell (Exec)"
4. Place a check in "Privilege level" and enter "15" in the adjacent field
Also check passed authenticate logs and make sure that user are mapped to the right group of acs.
Regards,
~JG
Do rate helpful posts

Reader X crashes after 30 secs with Protected mode enabled

Having just deployed Reader X to over 100 PC's via group policy I'm a little dishartened to find that Reader X crashes after 30 secs of being open when protected mode is enabled.
Current setup is as followed:-
Clients are XP SP3, Vista SP2 & Win7 (all crash)
Server 2003 R2 domain
Reader X deployed via MSI using GPO with a transform created using the Reader X customization wizard (only set to disable updates as I'll push these out via GPO also when available).
The problem occurs with standard domain users (doesn't happen if you use an admin account to login and run Reader X), once you disable the setting for "enable Protected mode at start up" and restart Reader X it doesn't crash. I've been reading also that the protected mode creats a sandbox environment that some AV products are currently having issues with, so I've also tested by removing my AV on a test client rebooting and running Reader X with protected mode enabled, the Pc will still crash, so that rules out my AV product.
After each crash the client logs an event in the application log
Event ID: 1000
Aource Application error
Description:
Faulting application AcroRd32.exe, version 10.0.0.396, time stamp 0x4cc5e97b, faulting module WININET.dll, version 8.0.6001.18999, time stamp 0x4ccfa98f, exception code 0xc0000005, fault offset 0x0002387b, process id 0xd54, application start time 0x01cbc2ec89ab4cba.
Anyone any ideas on why this happens?

I am seeing the same problem on Vista SP2 32-bit. I enabled the Protect Mode log and see a bunch of errors relating to registry entries. I am running Adobe Reader X 10.0.1 as a standard privilege user. The problem has been intermittent. Repeated attempts to open the same PDF will result in Adobe Reader X failing after 45 seconds, then the next attempt will work fine. I have had situations where an Adobe Reader X instance has been open for hours but a new instance crashed. I have not been able to identify any trigger that might explain the difference in behavior. The problem has gone away since disabling Protect Mode.
>>>
[05:31/19:10:43] Adobe Reader Protected Mode Logging Initiated
[05:31/19:10:43] NtCreateKey: STATUS_ACCESS_DENIED
[05:31/19:10:43] real path: \REGISTRY\MACHINE\Software\Adobe
[05:31/19:10:43] Consider modifying policy using this policy rule: REG_ALLOW_ANY
[05:31/19:10:43] NtCreateKey: STATUS_ACCESS_DENIED
[05:31/19:10:43] real path: \REGISTRY\MACHINE\SOFTWARE\Adobe
[05:31/19:10:43] Consider modifying policy using this policy rule: REG_ALLOW_ANY
[05:31/19:10:44] OpenEvent: STATUS_ACCESS_DENIED
[05:31/19:10:44] name: MSFT.VSA.COM.DISABLE.5900
[05:31/19:10:44] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY
[05:31/19:10:44] OpenEvent: STATUS_ACCESS_DENIED
[05:31/19:10:44] name: MSFT.VSA.IEC.STATUS.6c736db0
[05:31/19:10:44] Consider modifying policy using these policy rules: EVENTS_ALLOW_ANY

How to hide line console parameters through Cisco ACS

Hi,
Can any one of you please help me in the following scenario ?
I want to hide the line console, line aux and line vty configuration parameters of the cisco devices based on user level privillages through Cisco ACS. For example, if a user logs into the devices with privilege level 7, then he should not be able to see the line paramenters on the cisco devices for which he had privilege level 7 access.
Can you please help me out how to achieve this?? Your help in this regard is highly appriciated.
Thanks

This thing is possible with local authorization on IOS device. With ACS this is not possible.
In acs you can set what all commands a specific user can issue. That feature is called command authorization.
For show run you need to give priv 15. ACS works in a different way if you compare it with setting up local priv lvls on router/switch.
Best way to set it up is to give all user priv lvl 15 and then define what all commands user can execute.
Note : Having priv 15 does not mean that user will able to issue all commands.
We will set up command authorization on acs to have control on users.
This is how your config should look,
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa authorization config-commands
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml
Regards,
~JG
Do rate helpful posts

No password in dev mode please

Hello All,
Why does the WLS console ask for password (I tried to make IE remember the password
but that also did not work).
I am working in the development environment where the re-starting of the app server
is common. now i have to enter the password for admin everytime.
Is there some way to disable it?
In production mode the console password definetly makes sense but not in developement
mode.
regards,
Abhishek.

For now you can simply disable authentication in console.war/WEB-INF/web.xml
satya <[email protected]> wrote:
Abhishek,
Today there is no way to turn off security for console in dev mode. Your
request will be considered for Future release.
cheers,
-satya
Abhishek wrote:
Hello All,
Why does the WLS console ask for password (I tried to make IE remember the password
but that also did not work).
I am working in the development environment where the re-starting of the app server
is common. now i have to enter the password for admin everytime.
Is there some way to disable it?
In production mode the console password definetly makes sense but not in developement
mode.
regards,
Abhishek.
Dimitri

[SOLVED] Freezing while "Setting Consoles to UTF-8 mode"

Hi everyone,
I recently ran a Pacman -Syu on my bare bones network boot HTPC. I rebooted for the first time today due to a network issue which caused the machine to freeze up(since it network boots it couldn't do anything with no network). Now when I reboot it seems to be freezing while performing the "Setting Consoles to UTF-8 mode" step. I am not sure what changed on the system as everything else appears to be in good working order. I don't even know where to start to troubleshoot this issue. I had a look through rc.sysinit and I can see the section but nothing seems amiss when compared to my other working machines here. I had a look through the log files but also nothing pops out. Any ideas?
Here is the latest log for pacman to see what was updated:
[2009-11-14 15:21] synchronizing package lists
[2009-11-14 15:32] warning: /etc/pacman.conf installed as /etc/pacman.conf.pacnew
[2009-11-14 15:32] upgraded pacman (3.3.0-3 -> 3.3.2-1)
[2009-11-14 15:32] synchronizing package lists
[2009-11-14 15:32] starting full system upgrade
[2009-11-14 15:44] upgraded kernel-headers (2.6.30.5-1 -> 2.6.31.5-1)
[2009-11-14 15:44] upgraded tzdata (2009m-1 -> 2009q-1)
[2009-11-14 15:44] warning: /etc/locale.gen installed as /etc/locale.gen.pacnew
[2009-11-14 15:44] Generating locales...
[2009-11-14 15:44] en_US.UTF-8... done
[2009-11-14 15:44] Generation complete.
[2009-11-14 15:44] upgraded glibc (2.10.1-4 -> 2.11-1)
[2009-11-14 15:44] upgraded attr (2.4.43-1 -> 2.4.44-1)
[2009-11-14 15:44] upgraded acl (2.2.47-2 -> 2.2.48-1)
[2009-11-14 15:44] upgraded apr (1.3.8-2 -> 1.3.9-1)
[2009-11-14 15:44] upgraded bash (4.0.033-1 -> 4.0.035-1)
[2009-11-14 15:44] upgraded gcc-libs (4.4.1-1 -> 4.4.2-3)
[2009-11-14 15:45] ATTENTION DB PACKAGE:
[2009-11-14 15:45] Please consider to run db_upgrade on Berkeley DB databases with a major db version number update.
[2009-11-14 15:45] upgraded db (4.7.25.4-1 -> 4.8.24-1)
[2009-11-14 15:45] upgraded libsasl (2.1.23-1 -> 2.1.23-2)
[2009-11-14 15:45] upgraded perl (5.10.0-6 -> 5.10.1-5)
[2009-11-14 15:45] upgraded openssl (0.9.8k-4 -> 0.9.8l-1)
[2009-11-14 15:45] upgraded libldap (2.4.18-1 -> 2.4.19-1)
[2009-11-14 15:45] upgraded apr-util (1.3.9-2 -> 1.3.9-3)
[2009-11-14 15:45] upgraded pcre (7.9-1 -> 8.00-1)
[2009-11-14 15:45] upgraded glib2 (2.20.4-1 -> 2.22.2-1)
[2009-11-14 15:45] upgraded atk (1.26.0-1 -> 1.28.0-1)
[2009-11-14 15:45] upgraded binutils (2.19.1-5 -> 2.20-2)
[2009-11-14 15:45] upgraded bzip2 (1.0.5-4 -> 1.0.5-5)
[2009-11-14 15:45] upgraded xextproto (7.0.5-1 -> 7.1.1-1)
[2009-11-14 15:45] upgraded xproto (7.0.15-1 -> 7.0.16-1)
[2009-11-14 15:45] upgraded fixesproto (4.0-3 -> 4.1.1-1)
[2009-11-14 15:45] upgraded compositeproto (0.4-2 -> 0.4.1-1)
[2009-11-14 15:45] upgraded dbus-glib (0.80-1 -> 0.82-2)
[2009-11-14 15:45] installed eggdbus (0.5-1)
[2009-11-14 15:45] upgraded pam (1.0.4-1 -> 1.1.0-1)
[2009-11-14 15:45] installed polkit (0.94-1)
[2009-11-14 15:45] upgraded kbproto (1.0.3-2 -> 1.0.4-1)
[2009-11-14 15:45] upgraded libx11 (1.2.2-1 -> 1.3.2-1)
[2009-11-14 15:45] upgraded consolekit (0.3.0-5 -> 0.4.1-1)
[2009-11-14 15:45] upgraded curl (7.19.6-1 -> 7.19.7-1)
[2009-11-14 15:45] upgraded device-mapper (1.02.33-1 -> 2.02.53-1)
[2009-11-14 15:45] upgraded dhcpcd (5.1.0-1 -> 5.1.3-1)
[2009-11-14 15:45] upgraded dialog (1.1_20080819-2 -> 1.1_20080819-3)
[2009-11-14 15:45] upgraded dmxproto (2.2.99.1-1 -> 2.3-1)
[2009-11-14 15:45] upgraded enca (1.10-1 -> 1.12-1)
[2009-11-14 15:45] The package is built using sysv ipc. If this causes segfaults
[2009-11-14 15:45] see included README file and rebuild the pkg --with-ipc=tcp
[2009-11-14 15:45] upgraded fakeroot (1.13-1 -> 1.14.3-1)
[2009-11-14 15:45] upgraded fontcacheproto (0.1.2-2 -> 0.1.3-1)
[2009-11-14 15:45] upgraded freetype2 (2.3.9-2 -> 2.3.11-1)
[2009-11-14 15:46] upgraded gcc (4.4.1-1 -> 4.4.2-3)
[2009-11-14 15:46] upgraded git (1.6.4.4-1 -> 1.6.5.2-1)
[2009-11-14 15:46] upgraded gnutls (2.8.3-1 -> 2.8.5-1)
[2009-11-14 15:46] upgraded groff (1.20.1-2 -> 1.20.1-3)
[2009-11-14 15:46] upgraded gzip (1.3.12-6 -> 1.3.13-1)
[2009-11-14 15:46] upgraded hal (0.5.13-2 -> 0.5.13-3)
[2009-11-14 15:46] upgraded sqlite3 (3.6.18-1 -> 3.6.20-1)
[2009-11-14 15:46] upgraded heimdal (1.2.1-6 -> 1.2.1-7)
[2009-11-14 15:46] upgraded inputproto (1.5.1-2 -> 2.0-1)
[2009-11-14 15:46] upgraded kernel26-firmware (2.6.30-1 -> 2.6.31-1)
[2009-11-14 15:46] upgraded module-init-tools (3.10-1 -> 3.11.1-1)
[2009-11-14 15:48] >>> Updating module dependencies. Please wait ...
[2009-11-14 15:48] >>> MKINITCPIO SETUP
[2009-11-14 15:48] >>> ----------------
[2009-11-14 15:48] >>> If you use LVM2, Encrypted root or software RAID,
[2009-11-14 15:48] >>> Ensure you enable support in /etc/mkinitcpio.conf .
[2009-11-14 15:48] >>> More information about mkinitcpio setup can be found here:
[2009-11-14 15:48] >>> http://wiki.archlinux.org/index.php/Mkinitcpio
[2009-11-14 15:48]
[2009-11-14 15:48] >>> Generating initial ramdisk, using mkinitcpio. Please wait...
[2009-11-14 15:48] ==> Building image "default"
[2009-11-14 15:48] ==> Running command: /sbin/mkinitcpio -k 2.6.31-ARCH -c /etc/mkinitcpio.conf -g /boot/kernel26.img
[2009-11-14 15:48] :: Begin build
[2009-11-14 15:48] :: Parsing hook [base]
[2009-11-14 15:48] :: Parsing hook [net]
[2009-11-14 15:52] :: Parsing hook [udev]
[2009-11-14 15:52] :: Parsing hook [autodetect]
[2009-11-14 15:52] :: Parsing hook [pata]
[2009-11-14 15:52] :: Parsing hook [scsi]
[2009-11-14 15:52] :: Parsing hook [sata]
[2009-11-14 15:52] :: Parsing hook [filesystems]
[2009-11-14 15:52] :: Generating module dependencies
[2009-11-14 15:53] :: Generating image '/boot/kernel26.img'...SUCCESS
[2009-11-14 15:53] ==> SUCCESS
[2009-11-14 15:53] ==> Building image "fallback"
[2009-11-14 15:53] ==> Running command: /sbin/mkinitcpio -k 2.6.31-ARCH -c /etc/mkinitcpio.conf -g /boot/kernel26-fallback.img -S autodetect
[2009-11-14 15:53] :: Begin build
[2009-11-14 15:53] :: Parsing hook [base]
[2009-11-14 15:53] :: Parsing hook [net]
[2009-11-14 15:57] :: Parsing hook [udev]
[2009-11-14 15:57] :: Parsing hook [pata]
[2009-11-14 15:57] :: Parsing hook [scsi]
[2009-11-14 15:59] :: Parsing hook [sata]
[2009-11-14 15:59] :: Parsing hook [filesystems]
[2009-11-14 16:00] :: Generating module dependencies
[2009-11-14 16:01] :: Generating image '/boot/kernel26-fallback.img'...SUCCESS
[2009-11-14 16:01] ==> SUCCESS
[2009-11-14 16:01] upgraded kernel26 (2.6.30.6-1 -> 2.6.31.6-1)
[2009-11-14 16:01] upgraded libcdio (0.80-3 -> 0.81-2)
[2009-11-14 16:01] upgraded libxext (1.0.5-2 -> 1.1.1-1)
[2009-11-14 16:01] upgraded libdmx (1.0.99.1-1 -> 1.1.0-1)
[2009-11-14 16:01] upgraded libdrm (2.4.13-1 -> 2.4.15-1)
[2009-11-14 16:01] upgraded libevent (1.4.11-1 -> 1.4.12-1)
[2009-11-14 16:01] upgraded libfetch (2.25-1 -> 2.26-1)
[2009-11-14 16:01] upgraded libgpg-error (1.6-1 -> 1.7-2)
[2009-11-14 16:01] upgraded libmms (0.4-1 -> 0.5-1)
[2009-11-14 16:01] upgraded libmpcdec (1.2.6-1 -> 1.2.6-2)
[2009-11-14 16:01] upgraded libmysqlclient (5.1.38-1 -> 5.1.39-1)
[2009-11-14 16:01] upgraded libpciaccess (0.10.8-1 -> 0.10.9-1)
[2009-11-14 16:01] upgraded libpng (1.2.39-1 -> 1.2.40-1)
[2009-11-14 16:01] upgraded librpcsecgss (0.18-1 -> 0.19-1)
[2009-11-14 16:01] upgraded libtheora (1.0-1 -> 1.1.1-1)
[2009-11-14 16:01] upgraded libxt (1.0.6-1 -> 1.0.7-1)
[2009-11-14 16:01] upgraded libxmu (1.0.4-2 -> 1.0.5-1)
[2009-11-14 16:01] upgraded libxpm (3.5.7-2 -> 3.5.8-1)
[2009-11-14 16:01] upgraded libxaw (1.0.6-1 -> 1.0.7-1)
[2009-11-14 16:01] upgraded libxfixes (4.0.3-2 -> 4.0.4-1)
[2009-11-14 16:01] upgraded libxcomposite (0.4.0-2 -> 0.4.1-1)
[2009-11-14 16:01] upgraded libxdamage (1.1.1-2 -> 1.1.2-1)
[2009-11-14 16:01] upgraded libxdmcp (1.0.2-2 -> 1.0.3-1)
[2009-11-14 16:01] upgraded libxfont (1.4.0-1 -> 1.4.1-1)
[2009-11-14 16:01] upgraded libxfontcache (1.0.4-2 -> 1.0.5-1)
[2009-11-14 16:01] upgraded renderproto (0.9.3-2 -> 0.11-1)
[2009-11-14 16:01] upgraded libxrender (0.9.4-2 -> 0.9.5-1)
[2009-11-14 16:01] upgraded libxft (2.1.13-1 -> 2.1.14-1)
[2009-11-14 16:01] upgraded libxi (1.2.1-1 -> 1.3-2)
[2009-11-14 16:01] upgraded xineramaproto (1.1.99.1-1 -> 1.2-1)
[2009-11-14 16:01] upgraded libxinerama (1.0.99.1-1 -> 1.1-1)
[2009-11-14 16:01] upgraded libxkbfile (1.0.5-1 -> 1.0.6-1)
[2009-11-14 16:01] upgraded libxml2 (2.7.3-3 -> 2.7.6-1)
[2009-11-14 16:01] upgraded recordproto (1.13.2-2 -> 1.14-1)
[2009-11-14 16:01] upgraded libxtst (1.0.3-2 -> 1.1.0-1)
[2009-11-14 16:01] upgraded libxv (1.0.4-1 -> 1.0.5-1)
[2009-11-14 16:01] upgraded xf86dgaproto (2.0.99.1-1 -> 2.1-1)
[2009-11-14 16:01] upgraded libxxf86dga (1.0.99.1-1 -> 1.1.1-1)
[2009-11-14 16:01] upgraded xf86miscproto (0.9.2-2 -> 0.9.3-1)
[2009-11-14 16:01] upgraded libxxf86misc (1.0.1-2 -> 1.0.2-1)
[2009-11-14 16:01] upgraded xf86vidmodeproto (2.2.99.1-1 -> 2.3-1)
[2009-11-14 16:01] upgraded libxxf86vm (1.0.99.1-1 -> 1.1.0-1)
[2009-11-14 16:02] upgraded python (2.6.2-5 -> 2.6.4-1)
[2009-11-14 16:02] upgraded lirc-utils (0.8.5-1 -> 0.8.6-3)
[2009-11-14 16:02] >>> Updating module dependencies. Please wait ...
[2009-11-14 16:02] upgraded lirc (0.8.5-2 -> 0.8.6-1)
[2009-11-14 16:02] upgraded lvm2 (2.02.48-1 -> 2.02.53-1)
[2009-11-14 16:02] upgraded man-pages (3.22-1 -> 3.23-1)
[2009-11-14 16:02] upgraded mesa (7.5.1-2 -> 7.6-2)
[2009-11-14 16:02] upgraded mlocate (0.22.1-1 -> 0.22.2-2)
[2009-11-14 16:02] upgraded nfs-utils (1.2.0-3 -> 1.2.0-4)
[2009-11-14 16:02] upgraded openssh (5.2p1-1 -> 5.3p1-2)
[2009-11-14 16:02] upgraded pango (1.24.5-1 -> 1.26.0-2)
[2009-11-14 16:02] upgraded pixman (0.16.0-1 -> 0.16.2-1)
[2009-11-14 16:02] upgraded popt (1.14-1 -> 1.15-1)
[2009-11-14 16:02] upgraded randrproto (1.3.0-1 -> 1.3.1-1)
[2009-11-14 16:02] upgraded sdl (1.2.13-3 -> 1.2.14-1)
[2009-11-14 16:02] upgraded sdparm (1.03-2 -> 1.04-1)
[2009-11-14 16:03] upgraded shared-mime-info (0.60-1 -> 0.70-2)
[2009-11-14 16:03] upgraded tdb (3.3.7-1 -> 3.4.3-2)
[2009-11-14 16:03] upgraded smbclient (3.3.7-2 -> 3.4.3-2)
[2009-11-14 16:03] upgraded subversion (1.6.5-4 -> 1.6.5-5)
[2009-11-14 16:03] upgraded tre (0.7.6-1 -> 0.8.0-1)
[2009-11-14 16:03] upgraded wavpack (4.50.1-1 -> 4.60.0-1)
[2009-11-14 16:03] upgraded wget (1.11.4-2 -> 1.12-1)
[2009-11-14 16:03] upgraded xbitmaps (1.0.1-2 -> 1.1.0-1)
[2009-11-14 16:03] upgraded xcursor-themes (1.0.1-2 -> 1.0.2-1)
[2009-11-14 16:03] upgraded xf86-input-evdev (2.2.5-1 -> 2.3.0-1)
[2009-11-14 16:03] upgraded xf86-video-vesa (2.2.0-1 -> 2.2.1-1)
[2009-11-14 16:03] upgraded xfsprogs (3.0.1-2 -> 3.0.5-1)
[2009-11-14 16:03] upgraded xorg-apps (7.4-2 -> 7.5-2)
[2009-11-14 16:03] upgraded xorg-font-utils (7.4-3 -> 7.5-2)
[2009-11-14 16:03] upgraded xorg-fonts-alias (1.0.1-2 -> 1.0.2-1)
[2009-11-14 16:03] Regenerating font encodings... done.
[2009-11-14 16:03] upgraded xorg-fonts-encodings (1.0.2-3 -> 1.0.3-1)
[2009-11-14 16:03] upgraded xorg-server-utils (7.4-7 -> 7.5-3)
[2009-11-14 16:03] upgraded xorg-server (1.6.3.901-1 -> 1.7.1.901-2)
[2009-11-14 16:03] installed printproto (1.0.4-1)
[2009-11-14 16:03] installed libxp (1.0.0-3)
[2009-11-14 16:03] upgraded xorg-utils (7.4-4 -> 7.5-1)
[2009-11-14 16:03] upgraded xorg-xauth (1.0.3-1 -> 1.0.4-1)
[2009-11-14 16:03] upgraded xorg-xkb-utils (7.4-2 -> 7.5-1)
[2009-11-14 16:03] upgraded xterm (246-1 -> 250-1)
Any help would be appreciated as I am currently not able to boot the machine.
Thanks,
Kevin
Last edited by ould (2009-11-23 13:41:40)

This is interesting since I still have the issue on my system, I havn't yet reverted to an older kernel but was thinking the kernel package is the likely issue, using version kernel 2.6.33
I take it this isn't a common error? is this possibly a 64 bit kernel error or a video related error?
Still no answer from me yet, not that I have spend a great deal of time trying to look at it. annoying though.

Line console password vs privilege mode enable secret

Similar Messages

Maybe you are looking for