Password recovery for routers and switches

In some enterprise networks, there are often human factors that cause some device passwords to be forgotten, requiring administrators to restore or change the password for those devices, and to change the password on those devices, see the configuration example below.

Suppose there is a Cisco switch with a password forgotten to make a re-change password what should we do?

First, we look at the switch, the general switch is a button on the button is the "mode" key, and then we link the switch to the computer, and switch on the power supply, when the switch is plugged in, press the "mode" button on the switch, long-press for a while. Open the SECURECRT terminal Emulator and link to the switch. The following configuration is available when the "switch:" Command prompt appears in the configuration interface. (Some switches are long-pressed to release the interface to show this command prompt again).

After the switch: prompt, enter the Flash_init command to initialize. (To change the suffix name of Flash:config.text to Flash:config.old, the purpose is to skip the file loading, because the password is stored in this file.) ）

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/5B/48/wKioL1UFUefztJ-GAAMgi65Gi6c891.jpg "title=" s1.jpg "alt=" Wkiol1ufuefztj-gaamgi65gi6c891.jpg "/>

The micro-code of the post is booted during the loading process.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/5B/4D/wKiom1UFUavi6yHNAAHcXMORIEI376.jpg "title=" s2.png "Style=" Float:none; "alt=" wkiom1ufuavi6yhnaahcxmoriei376.jpg "/>

The following red box asks do you want to enter the initial configuration dialog box? Answer no on the line.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/5B/48/wKioL1UFUs_jMq_NAAF03rWPkaU695.jpg "title=" s3.jpg "Style=" Float:none; "alt=" wkiol1ufus_jmq_naaf03rwpkau695.jpg "/>

Use show flash to view configuration information.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/5B/48/wKioL1UFUs-DhYi-AAKGofwpZwc556.jpg "style=" float: none; "title=" switch1.jpg "alt=" Wkiol1ufus-dhyi-aakgofwpzwc556.jpg "/>

The Flash:config.text file is reloaded into memory.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/5B/4D/wKiom1UFUavyWD2lAAG1V3prz3Y563.jpg "title=" s5.png "Style=" Float:none; "alt=" wkiom1ufuavywd2laag1v3prz3y563.jpg "/>

This time, the password can be modified. (The following remote plaintext password is a wrong-written label changed to the console port's password setting)

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/5B/48/wKioL1UFUtCRxLjsAAE08g4GyHo293.jpg "style=" float: none; "title=" s7.jpg "alt=" Wkiol1ufutcrxljsaae08g4gyho293.jpg "/>

Use command write to save the configuration, abbreviated to WR. Save the configuration and restart the switch. (You can also save it with the copy running-config startup-config command, abbreviated as copy run Star.) ）

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/5B/4D/wKiom1UFUauCJAErAAIgaKvaALQ004.jpg "style=" float: none; "title=" s8.jpg "alt=" Wkiom1ufuaucjaeraaigakvaalq004.jpg "/>

Router Password change command configuration:

The first thing to understand is that the router's password is stored in startup-config. To bypass the Startup-config configuration at boot time, restart the router by holding down the CTRL key +break key on the computer to interrupt iOS loading, introducing the router into ROM monitor mode, and changing the value of the configuration register 0x2102 to 0x2142. Represents a configuration that ignores startup-config at startup.

1) Restart the router

Hold down the CTRL key +break the key.

2) Modify the value of the configuration register:

Router (config) #confreg 0x2142

Router (config) #reset

3) Modify the value of the configuration register before restarting

Router (config) #reboot华为重启

Router (config) #reload思科重启

4) After the second entry to configuration mode, manually load the configuration file back.

Router#copy Startup-config Running-config

5) Then use the command show run to see which passwords are configured on your router.

6) Change the value of the Register back

Router (config) #config-register 0x2102

Router (config) #exit back to the previous mode

Router#copy running-config Startup-config Last saved configuration (equivalent command write)

Note: Why should I change the value of the configuration register to 0x2102 0x2142?

Since 0x represents 16 binary, converting 2102 into 16 is 0010.0001.0000.0010, where the seventh bit from the right can control the order of the router when it is started. If the bit is 0, the configuration of Startup-config is run at startup, and if the bit is 1, it means that the configuration of Startup-config is bypassed at startup and enters Setup mode. By conversion if the digit of this bit is 1 o'clock, the value of the configuration register is 0x2142.

Password recovery for routers and switches