Cisco Router: ran ‘no enable password’; ‘enable’ still asks for a password

I have a Cisco router (it's hard to access physically so I can't tell you the model) being used as a NAT without a firewall (inside the network in such a way that that does not pose a security threat) and not as a gateway at all. I configure it by telnet. While elevated and under conf t, I ran no enable password seeking to have the telnet password allow full, unrestricted access to its configuration.

Now, when I log into the telnet session, I get a prompt like RouterName> when I would expect RouterName#. Trying to elevate with enable yields a password prompt. Neither blank, nor the telnet password nor the old enable password work to pass this.

I've read the enable password documentation and have seen that I needed to give a level along with my no enable password command like no enable password 7.

Fortunately, I did not write the current config to flash and so I would expect a cold restart to fix it. I don't particularly want to cold restart it as it's far from me now and that would entail a couple of seconds of a number of services not working. Is there any way I can resolve this without a cold restart and thus revert to working flash?

Best Answer

To answer your initial question, you'll pretty much have to restart. I couldn't find any commands available under the reduced privilege level that would let you either revert to the old config or change the password without restarting.

To fix the problem you were originally trying to solve, if you're not using aaa new-model, what you can do is set a user with privilege level 15:

username someuser privilege 15 secret supersecurepassword

When you log in with someuser, you'll automatically be elevated to RouterName# privileges.

Security Concerns

Now, while you can happily do what I've suggested, there are serious security concerns that you should be aware of. The main one is the fact that telnet will send your password in the clear and this password will give anyone full access to your router. This is not much different from having separate user and enable passwords since none of it is encrypted anyway, so the config I suggested won't change the status quo.

But you should definitely be using SSH if at all possible.
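
The privilege-15 local user from the answer above, combined with SSH-only vty access and a scheduled reload as a guard against the kind of lockout described in the question. This is an added example, not part of the original answer. It assumes a crypto-capable IOS image, that aaa new-model is not enabled, and that the vty lines are 0 to 4; the domain name and secret are placeholders.

```cisco
! Run from an existing privileged (RouterName#) session and keep it open throughout.
! Safety net: if the new settings lock you out, the router reloads to the
! saved startup-config by itself. Answer "no" if asked to save the config.
reload in 15
!
configure terminal
 ! Key generation needs a non-default hostname and a domain name.
 ! Placeholder domain, constructed for this example.
 ip domain-name example.internal
 !
 ! Local account that lands directly at privilege 15 (RouterName#) on login.
 ! "secret" stores a hash; "password" would store it reversibly or in clear.
 username someuser privilege 15 secret REPLACE_WITH_STRONG_SECRET
 !
 ! The SSH server will not start until an RSA host key exists.
 crypto key generate rsa modulus 2048
 ip ssh version 2
 !
 ! Assumption: five vty lines (0-4); check "show line" on the actual device.
 line vty 0 4
  ! Authenticate against the local username database, not a shared line password.
  login local
  ! Weak setting this replaces: "transport input telnet" (cleartext credentials).
  transport input ssh
 end
!
! From a second terminal, open a NEW SSH session as someuser and confirm
! the prompt ends in '#'. Only after that, cancel the reload and save.
reload cancel
copy running-config startup-config
```

If the test login fails, leave the scheduled reload in place or fix the configuration from the session that is still open; nothing is written to flash until the final command.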