Header Only - DO NOT REMOVE - Extreme Networks

Lost DFE Passwords when moving Configuration File

Userlevel 3
Article ID: 5335

Firmware 4.00.50 and higher
Firmware 3.51.01 and lower

Related to

'show config outfile'

Executed a saved DFE configuration file

Lost hashed / encrypted data
Reverted back to default passwords

The 'show config' command may be used to display a full DFE system configuration. When used with the 'outfile' option, the output is directed to a file rather than to the system console. That file, either left in place or having been copied from/to other locations, may then be used as the target of a 'configure' command in order to boot a DFE system onto that specific configuration. See 5035, for more about these commands.

With firmware 3.51.01 and lower, commands which display chassis secrets like user passwords, and similar secrets for other applications such as SNMPv3, have these lines commented out with asterisks in place of the password/secret, in the output of a 'show config'.

With firmware 4.00.50 and higher, rather than being commented out the password/secret data is converted to an encrypted ASCII format. This encryption is specific to the chassis the configuration was pulled from and is only decodable by that chassis.

With any version of firmware, activating such a saved configuration file by means of the 'configure' command will have unexpected effects - with older firmware, the password/secret data will revert to default values; and with newer firmware, the password/secret data will revert to default values if activated in a different chassis.

If the password/secret data is lost under the conditions stated above, you must either:
  1. remove the chassis-specific encrypted password command lines;[list]
  • replace the lines with versions that have clear text passwords;
    • ignore the errors the lines will produce.[/list]See also: 5037.
    • 0 replies

      Be the first to reply!