This section provides an example of the password recovery procedure. This example uses a Cisco 2500 Series Router.<\/p>\n
Router>enable
\nPassword:
\nPassword:
\nPassword:
\n% Bad secrets
\nRouter>show version<\/p>\nCisco Internetwork Operating System Software<\/p>\n
IOS ™ 2500 Software (C2500-JS-L), Version 12.2(24a)
\nRELEASE SOFTWARE (fc3)<\/p>\nCopyright (c) 1986-2004 by cisco Systems, Inc.
\nCompiled Fri 28-May-04 19:30 by pwade<\/p>\nImage text-base: 0x0306C4E0, data-base: 0x00001000<\/p>\n
ROM: System Bootstrap, Version 11.0(10c), RELEASE SOFTWARE
\nBOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
\nRELEASE SOFTWARE (fc1)Router uptime is 5 minutes
\nSystem returned to ROM by power-on
\nSystem image file is “flash:\/c2500-js-l.122-24a.bin”<\/p>\ncisco 2500 (68030) processor (revision D) with 14336K\/2048K bytes of memory.<\/p>\n
Processor board ID 02315272, with hardware revision 00000000<\/p>\n
Bridging software.<\/p>\n
X.25 software, Version 3.0.0.<\/p>\n
SuperLAT software (copyright 1990 by Meridian Technology Corp).<\/p>\n
TN3270 Emulation software.<\/p>\n
1 Ethernet\/IEEE 802.3 interface(s)<\/p>\n
1 Token Ring\/IEEE 802.5 interface(s)<\/p>\n
2 Serial network interface(s)<\/p>\n
32K bytes of non-volatile configuration memory.<\/p>\n
16384K bytes of processor board System flash (Read ONLY)<\/p>\n
Configuration register is 0x2102 <\/strong><\/p>\n
!— This is the current value of the configuration register.<\/p>\n
Router><\/p>\n
!— The router was just power cycled and during bootup
\n!— break sequence is sent to the router (CTRL+Break).<\/strong><\/p>\n
\nSystem Bootstrap, Version 11.0(10c), SOFTWARE
\nCopyright (c) 1986-1996 by cisco Systems
\n2500 processor with 16384 Kbytes of main memory<\/p>\nAbort at 0x10EA83C (PC)
\n>o
\nConfiguration register = 0x2102 at last boot<\/p>\n!— You can also issue the o command at the ROMmon prompt
\n!— in order to view the configuration register settings value.<\/strong><\/p>\nBit# Configuration register option settings:
\n15 Diagnostic mode disabled
\n14 IP broadcasts do not have network numbers
\n13 Boot default ROM software if network boot fails
\n12-11 Console speed is 9600 baud
\n10 IP broadcasts with ones
\n08 Break disabled
\n07 OEM disabled
\n06 Ignore configuration disabled
\n03-00 Boot file is cisco2-2500 (or ‘boot system’ command)<\/p>\n>o\/r 0x2142<\/p>\n
!— Changes the value of config-register to 2142, so that
\n!— the router boots and ignores the NVRAM contents.<\/strong><\/p>\n>i<\/p>\n
!— Initializes or resets the router; the
\n!— router boots with the default configuration.<\/strong><\/p>\nSystem Bootstrap, Version 11.0(10c), RELEASE SOFTWARE
\nCopyright (c) 1986-1996 by cisco Systems
\n2500 processor with 8192 Kbytes of main memory
\nF3: 13626872+197596+780568 at 0x3000060
\nRestricted Rights Legend
\nUse, duplication, or disclosure by the Government is
\nsubject to restrictions as set forth in subparagraph
\n(c) of the Commercial Computer Software – Restricted
\nRights clause at FAR sec. 52.227-19 and subparagraph
\n(c) (1) (ii) of the Rights in Technical Data and Computer
\nSoftware clause at DFARS sec. 252.227-7013.
\ncisco Systems, Inc.
\n170 West Tasman Drive
\nSan Jose, California 95134-1706
\nCisco Internetwork Operating System Software
\nIOS ™ 2500 Software (C2500-JS-L), Version 12.2(24a),
\nRELEASE SOFTWARE (fc1)
\nCopyright (c) 1986-1999 by cisco Systems, Inc.
\nCompiled Fri 28-May-04 19:30 by pwade
\nImage text-base: 0x0306C4E0, data-base: 0x00001000
\ncisco 2500 (68030) processor (revision D) with 14336K\/2048K bytes of memory.
\nProcessor board ID 02315272, with hardware revision 00000000
\nBridging software.
\nX.25 software, Version 3.0.0.
\nSuperLAT software (copyright 1990 by Meridian Technology Corp).
\nTN3270 Emulation software.
\n1 Ethernet\/IEEE 802.3 interface(s)
\n1 Token Ring\/IEEE 802.5 interface(s)
\n2 Serial network interface(s)
\n32K bytes of non-volatile configuration memory.
\n16384K bytes of processor board System flash (Read ONLY)
\n— System Configuration Dialog —
\nWould you like to enter the initial configuration dialog? [yes\/no]:<\/p>\n!— Ctrl+C pressed.<\/strong><\/p>\n
!
\nPress RETURN to get started!
\n00:00:08: %LINK-3-UPDOWN: Interface Ethernet0, changed state to up
\n00:00:08: %LINK-3-UPDOWN: Interface Serial0, changed state to up
\n00:00:08: %LINK-3-UPDOWN: Interface Serial1, changed state to up
\n00:00:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
\nchanged state to up
\n00:00:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1,
\nchanged state to up
\n00:01:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0,
\nchanged state to up
\n00:01:29: %LINK-3-UPDOWN: Interface Ethernet0Translating “Router”…
\ndomain server (255.255.255.255), changed state to up
\n00:01:30: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1,
\nchanged state to up
\n00:01:31: %SYS-5-RESTART: System restarted —
\nCisco Internetwork Operating System Software
\nIOS ™ 2500 Software (C2500-JS-L), Version 12.2(24a),
\nRELEASE SOFTWARE (fc1)
\nCopyright (c) 1986-1999 by cisco Systems, Inc.
\nCompiled Fri 28-May-04 19:30 by pwade
\n00:01:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
\nchanged state to down
\n00:01:33: %LINK-5-CHANGED: Interface Ethernet0, changed state to<\/p>\nadministratively down<\/p>\n
00:01:33: %LINK-5-CHANGED: Interface Serial0, changed state to<\/p>\n
administratively down
\n00:01:33: %LINK-5-CHANGED: Interface Serial1, changed state to
\nadministratively down
\n00:01:33: %LINK-5-CHANGED: Interface TokenRing0, changed state to<\/p>\nadministratively down<\/p>\n
00:01:34: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0,
\nchanged state to down
\n00:01:34: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1,
\nchanged state to down
\n00:01:34: %LINEPROTO-5-UPDOWN: Line protocol on Interface TokenRing0,
\nchanged state to down
\nRouter>enable
\nRouter#copy startup-config running-config
\nDestination filename [running-config]?<\/p>\n!— Press ENTER. <\/strong><\/p>\n
1278 bytes copied in 10.448 secs (127 bytes\/sec)<\/p><\/blockquote>\n
Note: <\/strong>After you copy the configuration file from NVRAM to RAM, based on how the password is last configured, you can either:<\/p>\n
* perform a password recovery, if the enable password is configured (which is in plain text format)<\/p>\n
or
\n* perform a password replacement, if the enable secret password is configured (which is in encrypted format)<\/p>\nIn order to check the format in which the password is configured on the router, use the show running-config command, and look for enable password or enable secret password in the configuration.<\/p>\n
Password Replacement<\/strong>
\nThis output from the show running-config command shows that the enable secret password is configured. As a result, you can perform password replacement as shown in this example.<\/p>\nRouter#show running-config<\/p>\n
!— This command can be used to view the unencrypted password.<\/strong><\/p>\n
Building configuration…<\/p>\n
Current configuration : 431 bytes
\n!
\nversion 12.2
\nservice timestamps debug uptime
\nservice timestamps log uptime
\nno service password-encryption
\n!
\nhostname Router
\n!<\/p>\nenable password XxXxXx <\/strong><\/div>\n!— Here the password is plain clear text. We can either maintain
\n!— the same password or replace with a new password for security reasons.<\/p>\n!— Output Suppressed.<\/p>\n
<\/strong><\/p><\/blockquote>\n
This output from the show running-config command shows that the enable secret password is configured. As a result, you can perform password replacement as shown in this example.<\/p>\n
Router#show running-config
\nBuilding configuration…
\nCurrent configuration : 835 bytes
\n!
\nversion 12.2
\nservice timestamps debug uptime
\nservice timestamps log uptime
\nno service password-encryption
\n!
\nhostname Router
\n!
\nenable secret 5 $1$Oea234\/6Ppi0PZYzAj\/vX0<\/strong><\/p>\n!— Password replacement has to be done as the password is in encrypted format.<\/strong><\/div>\n!— Output suppressed.<\/p>\n
<\/strong>Router#configure terminal
\nEnter configuration commands, one per line. End with CNTL\/Z.
\nRouter(config)#enable secret xxxxxxx<\/strong>
\nRouter(config)#
\n00:03:39: %SYS-5-CONFIG_I: Configured from console by console<\/p><\/blockquote>\nWhen the password recovery or replacement is complete, the next steps are the same, as shown in this example output:<\/p>\n
Router#show ip interface brief<\/p>\n
Router(config)#interface ethernet 0
\nRouter(config-if)#no shutdown
\n*Mar 1 00:04:12.863: %LINK-3-UPDOWN: Interface Ethernet0,
\nchanged state to up
\n*Mar 1 00:04:13.947: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0,
\nchanged state to up
\nRouter(config-if)#interface serial 0
\nRouter(config-if)#no shutdown
\n*Mar 1 00:04:18.107: %LINK-3-UPDOWN: Interface Serial0,
\nchanged state to up
\n*Mar 1 00:04:19.167: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
\nchanged state to up
\nRouter(config-if)#interface serial 1
\nRouter(config-if)#no shutdown
\nRouter(config-if)#
\n*Mar 1 00:04:27.055: %LINK-3-UPDOWN: Interface Serial1,
\nchanged state to up
\n*Mar 1 00:04:28.071: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1,
\nchanged state to up #
\nRouter(config-if)#^Z
\nRouter#
\n00:02:35: %SYS-5-CONFIG_I: Configured from console by console
\nRouter#copy running-config startup-config
\nDestination filename [startup-config]?
\nBuilding configuration…
\n[OK]<\/p><\/blockquote>\nAfter you recover or replace the password, you must reset the configuration register value to 0x2102<\/strong>, which was changed earlier in the procedure to 0x2142 in order to ignore the startup configuration and boot the router. In order to verify the configuration register value, issue the show version command.<\/p>\n
Router#show version
\nCisco Internetwork Operating System Software
\nIOS ™ 2500 Software (C2500-JS-L), Version 12.2(24a)RELEASE SOFTWARE (fc3)
\nCopyright (c) 1986-2004 by cisco Systems, Inc.
\nCompiled Fri 28-May-04 19:30 by pwade
\nImage text-base: 0x0306C4E0, data-base: 0x00001000<\/p>\nROM: System Bootstrap, Version 11.0(10c), RELEASE SOFTWARE
\nBOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
\nRELEASE SOFTWARE (fc1)<\/p>\nRouter uptime is 5 minutes
\nSystem returned to ROM by power-on
\nSystem image file is “flash:\/c2500-js-l.122-24a.bin”<\/p>\ncisco 2500 (68030) processor (revision D) with 14336K\/2048K bytes of memory.
\nProcessor board ID 02315272, with hardware revision 00000000
\nBridging software.
\nX.25 software, Version 3.0.0.
\nSuperLAT software (copyright 1990 by Meridian Technology Corp).
\nTN3270 Emulation software.
\n1 Ethernet\/IEEE 802.3 interface(s)
\n1 Token Ring\/IEEE 802.5 interface(s)
\n2 Serial network interface(s)
\n32K bytes of non-volatile configuration memory.
\n16384K bytes of processor board System flash (Read ONLY)<\/p>\nConfiguration register is 0x2142<\/strong><\/p>\n
Router#configure terminal
\nEnter configuration commands, one per line. End with CNTL\/Z.
\nRouter(config)#config-register 0x2102<\/strong><\/p>\n!— The config-register is changed back to load the router
\n!— with NVRAM configuration.<\/strong><\/p>\nRouter(config)#^Z
\n00:03:20: %SYS-5-CONFIG_I: Configured from console by console<\/p><\/blockquote>\nWhen you issue the config-reg 0x2102<\/strong> command, the new configuration register value is not immediately applied. The new value is applied only after the router is reloaded. The show version<\/strong> command shows the current value (0x2142) and the value that will be applied after the next reload (0x2102).<\/p>\n
Router#show version
\nCisco Internetwork Operating System Software
\nIOS ™ 2500 Software (C2500-JS-L), Version 12.2(24a)RELEASE SOFTWARE (fc3)
\nCopyright (c) 1986-2004 by cisco Systems, Inc.
\nCompiled Fri 28-May-04 19:30 by pwade
\nImage text-base: 0x0306C4E0, data-base: 0x00001000<\/p>\nROM: System Bootstrap, Version 11.0(10c), RELEASE SOFTWARE
\nBOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
\nRELEASE SOFTWARE (fc1)<\/p>\nRouter uptime is 5 minutes
\nSystem returned to ROM by power-on
\nSystem image file is “flash:\/c2500-js-l.122-24a.bin”<\/p>\ncisco 2500 (68030) processor (revision D) with 14336K\/2048K bytes of memory.
\nProcessor board ID 02315272, with hardware revision 00000000
\nBridging software.
\nX.25 software, Version 3.0.0.
\nSuperLAT software (copyright 1990 by Meridian Technology Corp).
\nTN3270 Emulation software.
\n1 Ethernet\/IEEE 802.3 interface(s)
\n1 Token Ring\/IEEE 802.5 interface(s)
\n2 Serial network interface(s)
\n32K bytes of non-volatile configuration memory.
\n16384K bytes of processor board System flash (Read ONLY)<\/p>\nConfiguration register is 0x2142 (will be 0x2102 at next reload)<\/strong>
\nRouter#<\/p><\/blockquote>\nAfter you save the configuration, reload the router, and verify the configuration register value is 0x2102, as shown in this example:<\/p>\n
Router#write memory<\/strong>
\n*Mar 1 00:05:09.035: %SYS-5-CONFIG_I: Configured from console by console
\nBuilding configuration…
\n[OK]
\nRouter#
\nRouter#reload <\/strong>
\nProceed with reload? [confirm]<\/p>\n
\n!— Press Enter to continue.<\/strong><\/div>\n!— Starts to load the Cisco IOS from Flash and takes the configuration from the NVRAM.<\/p>\n
<\/strong>00:17:36: %SYS-5-RELOAD: Reload requested by console.<\/p>\n
System Bootstrap, Version 11.0(10c), SOFTWARE
\nCopyright (c) 1986-1996 by cisco Systems
\n2500 processor with 14336 Kbytes of main memory<\/p>\nF3: 15011856+968960+947120 at 0x3000060<\/p>\n
\n!— Output suppressed.<\/strong><\/p>\nRouter#show version<\/strong>
\nCisco Internetwork Operating System Software
\nIOS ™ 2500 Software (C2500-JS-L), Version 12.2(24a)RELEASE SOFTWARE (fc3)
\nCopyright (c) 1986-2004 by cisco Systems, Inc.
\nCompiled Fri 28-May-04 19:30 by pwade
\nImage text-base: 0x0306C4E0, data-base: 0x00001000<\/p>\nROM: System Bootstrap, Version 11.0(10c), RELEASE SOFTWARE
\nBOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
\nRELEASE SOFTWARE (fc1)<\/p>\nRouter uptime is 5 minutes
\nSystem returned to ROM by reload
\nSystem image file is “flash:\/c2500-js-l.122-24a.bin”<\/p>\ncisco 2500 (68030) processor (revision D) with 14336K\/2048K bytes of memory.
\nProcessor board ID 02315272, with hardware revision 00000000
\nBridging software.
\nX.25 software, Version 3.0.0.
\nSuperLAT software (copyright 1990 by Meridian Technology Corp).
\nTN3270 Emulation software.
\n1 Ethernet\/IEEE 802.3 interface(s)
\n1 Token Ring\/IEEE 802.5 interface(s)
\n2 Serial network interface(s)
\n32K bytes of non-volatile configuration memory.
\n16384K bytes of processor board System flash (Read ONLY)
\nConfiguration register is 0x2102<\/strong><\/p>\nRouter#<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"
This section provides an example of the password recovery procedure. This example uses a Cisco 2500 Series Router. Router>enable Password: Password: Password: % Bad secrets Router>show version Cisco Internetwork Operating …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/mudji.net\/press\/index.php?rest_route=\/wp\/v2\/posts\/205"}],"collection":[{"href":"https:\/\/mudji.net\/press\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mudji.net\/press\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mudji.net\/press\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mudji.net\/press\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=205"}],"version-history":[{"count":1,"href":"https:\/\/mudji.net\/press\/index.php?rest_route=\/wp\/v2\/posts\/205\/revisions"}],"predecessor-version":[{"id":494,"href":"https:\/\/mudji.net\/press\/index.php?rest_route=\/wp\/v2\/posts\/205\/revisions\/494"}],"wp:attachment":[{"href":"https:\/\/mudji.net\/press\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mudji.net\/press\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mudji.net\/press\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}