There is no backdoor password, whatever was set on install is the only password that exists.
You can try this:
It's an older article that I think was created around Ubuntu 12.04 LTS OS.
When it comes to virtual/physical appliances it's usually faster to re-image and re-deploy than try to recover the password.
For ExtremeControl 95% of all configuration is stored and pushed from the XMC server. Just give it host properties like IP/gateway/domain/DNS and then enforce. The 5% being host configuration and DNS proxy (If applicable)
Analytics is similar. As long as you can remember the initial host configuration settings you should be able to re-deploy with the same IP, enforce from XMC and it should be OK.
App telemetry/netflow/mirror N/GRE tunnels are all configured in the network infrastructure, Analytics just needs to listen on the correct interface with the correct IP and report the information back to XMC.