Newer version of code, reboot as master capable, asks for passphrase

  • 0
  • 1
  • Question
  • Updated 1 year ago
  • Answered

Hello, in this example I have x460-48p switches.  I noticed that with code 16.2.2.4 patch 1-3 (was the recommended code @ extreme at the time to address the poodle vulnerability), that if we have a switch in a stack that's not the master, when I issue the command to reboot as master capable, it prompts for "Enter passphrase:"  It doesn't ask for the normal login and password of the switch stack as it has in older say 15.x codes.   The passphrase it asks for isn't any of the passwords we have setup on the switch.

Get a "disabling protocProcess exsshd pid died with signal" after putting in a "Passphrase" and the switch reboots.  Happens on any switch that I've loaded 16.2.2.4 patch 1-3 on that I need to get into that isn't master capable.

Other than a conf none in the bootrom are there any more direct options to get into the switch?  All I need is to boot up this switch to run a diagnostics so I can RMA it. 

Thank you,

Sarah




Photo of Sarah Seidl

Sarah Seidl

  • 1,356 Points 1k badge 2x thumb

Posted 1 year ago

  • 0
  • 1
Photo of Ash Curtis

Ash Curtis, Employee

  • 618 Points 500 badge 2x thumb
Hello Sarah,

To get into this switch again you will need to boot into the bootrom and use config none.
 
This article from our Knowledge Base describes the problem you have encountered and the recovery process:
https://gtacknowledge.extremenetworks.com/articles/Solution/Why-does-Enter-passphrase-show-up-during...
Photo of Patrick Voss

Patrick Voss, Alum

  • 11,594 Points 10k badge 2x thumb
Hello Sarah,

Alternatively, you could disable stacking for that node while on the master and then reboot form the master. After the switch reboots you can console into it using the default username and password.
Photo of Sarah Seidl

Sarah Seidl

  • 1,356 Points 1k badge 2x thumb
thanks
Photo of Taykin Izzet

Taykin Izzet , Employee

  • 3,106 Points 3k badge 2x thumb
Sarah,

The switch may be encountering the following issue in which EXOS loads a configuration file (.cfg) that has SSH enabled, but the switch doesn't have a SSH key in the eeprom. Please review:

https://gtacknowledge.extremenetworks.com/articles/Solution/Why-does-Enter-passphrase-show-up-during...

If this is the case, then we made need upgrade using the BootROM method to address xos0064864. Note that this method would wipe configuration.

You can also try to switch partitions and Boot of a different version using the BootROM. Once in the BootROM, select "boot 1" or "boot 2".


We should certianly try to recover the switch before we look at RMA options.

Let us know if this helps.
Photo of Sarah Seidl

Sarah Seidl

  • 1,356 Points 1k badge 2x thumb

Thanks it's a POE failure.  So I like to send diag when I open a case.

Appreciate it!


Photo of Alexandr P

Alexandr P, Embassador

  • 12,670 Points 10k badge 2x thumb
Hi, all!

Is this issue happen in every (or most) cases? Or this is a rare case?
Becuase our Customers is planning to upgrade X440 and X460 stacks to 16.2.2.4 patch 1-3 which is recommended.

Thank you!
Photo of Ash Curtis

Ash Curtis, Employee

  • 618 Points 500 badge 2x thumb
This has been successfully recreated in the lab every time it has been attempted. The recommendation to avoid this scenario is to upgrade to 16.2.3 for first gen switches. 
Photo of Sarah Seidl

Sarah Seidl

  • 1,356 Points 1k badge 2x thumb

It happens on every460 gen 1 that we try to boot up as master capable.  In most cases we are replacing failed POE devices.  Will get used to making it a habit to go into bootrom and config none then boot it to get in.  Or better yet running diag before we remove it from the stack when possible :-) Looks like they are now recommending a 16.2.3 based on Ash's update.