Switch password recovery 說明
不管是誰 都會有忘記的時候。在交換器上面 最怕就是設定帳號密碼忘記 無法登入 交換器 不管是 telnet / console 存取
下列是 HP comware 作業系統 password recovery 的方式
最快速的方式 使用Console cable 連線到交換器 重開機!!! 開機過程出現下列畫面 請按 Ctrl+B,
出現 Password: 時 直接按 enter 就好 不要輸入任何文字
然後選擇 7 , 避開 startup.cfg 重新開機。 然後 透過 display 命令 先了解一下設定資訊 修改一下 。
重開就好
過程中 會重複開機 兩次 。
祝各位網路暢行無阻
3) When the following output appears, press Ctrl + B and enter the Boot ROM password as prompted to enter the Boot ROM menu.
Starting......
***********************************************************
* *
* H3C S5500-28C-PWR-EI BOOTROM, Version 509 *
* *
***********************************************************
Copyright (c) 2004-2009 Hangzhou H3C Tech. Co., Ltd.
Creation date : Jan 9 2009, 10:44:09
CPU Clock Speed : 533MHz
BUS Clock Speed : 133MHz
Memory Size : 256MB
Mac Address : 002389294f70
Press Ctrl-B to enter Boot Menu... 1
Password:
By default, the H3C switch does not have a Boot ROM password. If you have lost your Boot ROM password, recover the password as described in Boot ROM Password Recovery.
4) Select 7 in the Boot ROM menu and type y to confirm your operation.
BOOT MENU
1. Download application file to flash
2. Select application file to boot
3. Display all files in flash
4. Delete file from flash
5. Modify bootrom password
6. Enter bootrom upgrade menu
7. Skip current configuration file
8. Set bootrom password recovery
9. Set switch startup mode
0. Reboot
Enter your choice(0-9): 7
The current setting is running configuration file when reboot.
Are you sure to skip current configuration file when reboot? Yes or No(Y/N) y
Setting......done!
5) When you return to the Boot ROM menu, select 0 to restart the switch.
BOOT MENU
1. Download application file to flash
2. Select application file to boot
3. Display all files in flash
4. Delete file from flash
5. Modify bootrom password
6. Enter bootrom upgrade menu
7. Skip current configuration file
8. Set bootrom password recovery
9. Set switch startup mode
0. Reboot
Enter your choice(0-9): 0
^@System rebooting...
6) The switch skips the configuration file at the next startup and allows you to log in without providing the password.
****************************************************************************
* Copyright (c) 2004-2010 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
****************************************************************************
Configuration file is skipped.
User interface aux0 is available.
Press ENTER to get started.
<H3C>
7) At the command line interface (CLI), use the display startup command to view the startup configuration file, and use themore command to view the console login password in the configuration file.
<H3C> display startup
Current startup saved-configuration file: NULL
Next startup saved-configuration file: flash:/startup.cfg
<H3C> more startup.cfg
l If the password authentication method is used, pay attention to the console login password configuration commands, which are gray highlighted.
The password is displayed in plain text:
#
user-interface aux 0
authentication-mode password
set authentication password simple test
The password is displayed in cipher text:
#
user-interface aux 0
authentication-mode password
set authentication password cipher .]@USE=B,53Q=^Q`MAF4<1!!
A plain text password is directly displayed in the set authentication password simple command, and you can use or change it. A cipher text password is converted into cipher text characters, and you are recommended to change it.
l If the scheme authentication method is used, pay attention to the local username and password configuration commands, which are gray highlighted. The username is admin in this example.
The password is displayed in plain text:
#
local-user admin
password simple 123
service-type terminal
The password is displayed in cipher text:
#
local-user admin
password cipher 7-CZB#/YX]KQ=^Q`MAF4<1!!
service-type terminal
l If the switch has multiple local users, view the configuration of the terminal user configured with the service-type terminal command.
l A plain text password is directly displayed in the password simple command, and you can use or change it. A cipher text password is converted into cipher text characters, and you are recommended to change it.
8) Use the copy command to back up the configuration file. In this example, the backup file is named startup_bak.cfg.
<H3C> copy startup.cfg startup_bak.cfg
Copy flash:/startup.cfg to flash:/startup_bak.cfg?[Y/N]:y
.......
%Copy file flash:/startup.cfg to flash:/startup_bak.cfg...Done.
9) You can use File Transfer Protocol (FTP) or Trivial File Transfer Protocol(TFTP) to transfer the configuration file to your PC, and edit the file in the text editor software such as Windows Notepad and WordPad by using any of the following methods:
l Change the keyword of the authentication-mode command to none.
l Change keyword cipher of the set authentication password command to simple, and type a new password (for thepassword authentication method).
l Change keyword cipher of the password command to simple, and type a new password (for the schemeauthentication method).
The none authentication method is for temporary login only. To ensure device security, change the authentication method as soon as possible.
10) Upload the configuration file to the switch to replace the existing configuration file. Then the switch uses the new configuration file at the next startup, and allows you to log in with the new password. Meanwhile, other configurations are retained.
Telnet Login Password Recovery
l The password recovery method described in this section applies to the password authentication method and local authentication of the scheme authentication method. In RADIUS authentication of the scheme authentication method, login passwords are configured on the RADIUS server. If you fail to log in to the RADIUS server due to password loss or RADIUS server failure, you are recommended to contact the administrator to obtain a new login password.
l If the switch is enabled with the password control function, the telnet login password is not displayed in the configuration file. Disable this function before performing the following operations.
If the telnet login password is lost, you can log in to the console through the console port to display and change the telnet login password.
1) Use a configuration cable to connect the serial port of your PC to the console port of the H3C switch, configure the terminal emulation program, and log in to the console. For the settings of the terminal emulation program, refer to Table 2-1.
2) Use the display current-configuration command to view the telnet authentication configuration.
l If the password authentication method is used, pay attention to the telnet password configuration command, which is gray highlighted.
<H3C> display current-configuration | begin user-interface
user-interface aux 0
set authentication password simple test
user-interface vty 0 4
user privilege level 3
set authentication password simple h3c
idle-timeout 0 0
#
解決方案原URL轉貼
http://www.h3c.com/portal/Technical_Support___Documents/Technical_Documents/Switches/H3C_5820X_Series_Switches/Maintenance/Maintenance/H3C_Login_Password_Recovery_Manual(V1.01)/