800-Series Password Recovery

Userlevel 3
Article ID: 15116


Password recovery
Clear password
Default password

Firmware and higher release notes contain the following notice.
Firmware and higher systems display the following notice whenever password recovery mode is toggled from enabled to disabled:
    [code]Warning: If password recovery mode is disabled ("disable password_recovery"), there is no method to restore the default password, if the current administrative password is lost. Losing the password is NOT covered by the warranty and the switch would need to be returned to Enterasys at the end user's expense.[/code]
In the event of a lost non-default password, the following procedure may be used as long as the default 'enable password_recovery' command is stil in effect. If the user has overridden this by issuing the 'disable password_recovery' command, then there is no longer any means of recovering from a lost password. For this reason it is recommended that password recovery remain enabled. This does not lessen the security of the system, given that this recovery proccedure requires serial console access and assuming that the equipment is installed behind locked doors.

1. Set up a serial session via the front panel RJ45 console port. By default, the VT emulation settings are '9600 / 8 / 1 / none'.
Note: An optional (RJ45 male to DB9 female) console cable, part# 08A-CON-CBL, is helpful for this purpose. In the absence of this specialized cable, its pinouts are detailed in Figures 2-27 and 2-28 of the Hardware Installation Guide.
2. Power up or reset the switch, then monitor the boot sequence for the correct time to break in: Boot Procedure V01.01.01.0001

Power On Self Test ........................................ 100 %

MAC Address : 00-54-85-08-02-00
H/W Version : A1

Please Wait, Loading V01.01.01.0017 Runtime Image ......... 100 %
UART init ................................................. 100 %
Starting runtime image[/code]3. At this point, press "Shift +8" (asterisk) to enter password recovery mode.
4. Once there, issue the necessary recovery commands, as follows: Password Recovery Mode

>reset password admin
Command: reset password admin
Command: reboot[/code]5. After the unit has rebooted, it will have reverted to the default blank string password for the default admin account.
To gain entry with Super User access; at the login prompt enter the default user name admin then hit <Enter>, then at the password prompt leave the password blank then hit <Enter> again.
The user may optionally use these two parameters for in-band login, if the unit's IP address is known (15043).

0 replies

Be the first to reply!