How to recover the console port password on Huawei s7700
and s9700 switches? Here we will tell you three methods to recover the
password.
Three methods are provided to recover the console port
password.
l Method 1:
Log in to the device using Telnet and change the console port password.
l Method 2:
Clear the console login password in BootROM and change the console port
password.
l Method 3:
Clear the startup configuration file in BootROM, start the device with no configuration,
and change the console port password.
NOTE
1. Method 1 is recommended. If you forget the Telnet password, use method
2 or 3.
2. If console port login uses password authentication and method 1 cannot
be used, method 2 is recommended.
3. If the console port login uses AAA authentication, method 3 is
recommended.
Logging In to the Device Using Telnet and Changing the
Console Port Password
If you have a Telnet account and your user right is level 3 or higher, log
in to the device using Telnet, change the console port password, and save the
configuration.
1. Log in to the device using Telnet. Ensure that your user right is level
3 or higher.
Run the display users command to display all the users that have logged into the device.
The item with a "+" mark indicates your user account on user
interface VTY1.
<HUAWEI>
display users
User-Intf
Delay Type Network Address AuthenStatus
AuthorcmdFlag
129
VTY 0 00:23:36 TEL 10.135.18.67 pass
Username
: Unspecified
+ 130 VTY 1 01:20:36 TEL 10.135.18.91 pass
Username
: Unspecified
131
VTY 2 00:00:00 TEL 10.135.18.54 pass
Username
: Unspecified
Run the display user-interface command to display the user right of all users. VTY1 has
a corresponding user right 15; therefore, you have the right to change the
console port
password.
<HUAWEI>
display
user-interface
Idx
Type Tx/Rx Modem Privi ActualPrivi Auth Int
0
CON 0 9600 - 15 - P -
+
129 VTY 0 - 15 15 P -
+ 130 VTY 1 - 15 15 P -
+
131 VTY 2 - 15 - P -
132
VTY 3 - 15 15 P -
......
2. Change the console port password.
In this example, you set the authentication mode to
password authentication and the password to huawei@123.
<HUAWEI>
system-view
[HUAWEI]
user-interface
console 0
[HUAWEI-ui-console0]
authentication-mode
password
[HUAWEI-ui-console0]
set
authentication password cipher huawei@123
[HUAWEI-ui-console0]
return
3. Save the configuration.
<HUAWEI>
save
The
current configuration will be written to the device.
Are
you sure to continue?[Y/N]y
Now
saving the current configuration to the slot 4.
Save
the configuration successfully.
Clearing the Console Login Password in BootROM and
Changing the Console Port
Password
The BootROM allows you to clear the console port password so that the
device does not check the password when you log in through the console port.
When the device starts, you do not need to enter the console port password and
all configurations are loaded as normally. After the device starts, change the
console port password and save the configuration.
NOTICE
l You must
restart the device to display the BootROM menu, which results in service
interruption. Migrate services to a backup device and perform this
operation in off-peak
hours.
l Set a new
password immediately after you log in to the device by clearing console login
password.
l Do not
power off the device during the operation.
l If the
switch has two MPUs, remove the standby MPU before restarting the switch. After
the switch completes restarting, install the standby MPU.
1. Connect a PC to the device through a serial cable and restart the
device. When the message "Press Ctrl+B to enter Boot Menu..." is
displayed, press Ctrl+B and enter the password (Admin@huawei.com by default). The BootROM main menu is
displayed.
2. Clear console login password.
1.
Boot with default mode
2.
Boot from Flash
3.
Boot from CFCard
4.
Enter serial submenu
5.
Enter ethernet submenu
6.
Modify Flash description area
7.
Modify bootrom password
8.
Clear password for console user
9.
Reboot
Enter
your choice(1-9):8
Note: Clear password for console user? Yes or
No(Y/N): y
Clear
password for console user successfully. Choose "1" to boot, then set
a
New
password.
Note: Do not choose "9. Reboot" or
power off the device, otherwise this
operation
will not take effect.
NOTE
V2R5 and later versions: The S12700 menu page differs from that displayed
above. However, you can also clear the console port password according to this
method.
3. Enter 1 in the
BootROM main menu to start the device.
4. Log in to the device through the console port. Authentication is not
required when you login. Change the console port password. In this example, you
set the authentication mode to password authentication and the password to huawei@123.
<HUAWEI>
system-view
[HUAWEI]
user-interface
console 0
[HUAWEI-ui-console0]
authentication-mode
password
[HUAWEI-ui-console0]
set
authentication password cipher huawei@123
[HUAWEI-ui-console0]
return
5. Save the configuration.
<HUAWEI>
save
The
current configuration will be written to the device.
Are
you sure to continue?[Y/N]y
Now
saving the current configuration to the slot 4.
Save
the configuration successfully.
Clearing the Startup Configuration File in BootROM,
Starting the Device with No
Configuration, and Changing the Console Port Password
If you clear the startup configuration file in BootROM, the device restarts
with no configuration.
After the device starts, export the configuration file and change the
console login configuration.
Upload the changed configuration to the device and specify the new
configuration file as the next startup configuration file. After the device
restarts, you do not need to enter the console login password.
NOTICE
l You must
restart the device to display the BootROM menu, which results in service
interruption. Migrate services to a backup device and perform this
operation in off-peak
hours.
l Do not
power off the device during the operation.
l This
method only applies to V200R003 and later versions, and is not supported by the
versions earlier than V200R003.
1. Connect a PC to the device through a serial cable and restart the device.
When the message "Press Ctrl+B to enter Boot Menu..." is displayed,
press Ctrl+B
and enter the
password (Admin@huawei.com. By default, the password for old versions could be 9300). The BootROM main menu is displayed.
2. Delete the startup configuration file so that the device starts with no
configuration.
NOTE
Record the name of the current configuration file so that you can restore
the previous configuration later.
MAIN
MENU
1.
Boot with default mode
2.
Boot from Flash
3.
Boot from CFCard
4.
Enter serial submenu
5.
Enter ethernet submenu
6.
Modify Flash description area
7.
Modify BootROM password
8.
Clear password for console user
9.
Reboot
Enter
your choice(1-9):6
Modify
flash description area
Please
select booting device.
Press
ENTER directly for no change or input your choice.
1:
Flash, 2: CF Card
Current
booting device: 2, your choice: //Press Enter to use the current
value.
Current
booting File Name: cfcard:/HUAWEIV200R003C00.CC,
Press
ENTER directly for no change.
Or,
please input the file name (e.g. quidway.cc): //Press Enter to use the
current
value.
Saved-configuration
file
'.'=clear
field; '^D'=quit; Enter=use current configuration;
new=change
to other configuration file;
current:
vrpcfg.zip
new
: . //Clear the current value.
Saved-patch
file
'.'=clear
field; '^D'=quit; Enter=use current patch;
new=change
to other patch file;
current:
new
: //Press Enter.
The patch file does not need to be updated.
Writting
descriptor to flash...OK!
Writting
backup descriptor to flash...OK!
NOTE
V2R5 and later versions: The S12700 menu page differs from that displayed
above. However, you
can also clear the console port password according to this method.
3. Enter 1 in the
BootROM main menu to start the device.
4. After the startup, the device restores the default factory settings.
Log in to the device through the console port and set a new login password, for
example, huawei@123.
An
initial password is required for the first login via the console.
Continue
to set it? [Y/N]:y
Set
a password and keep it safe. Otherwise you will not be able to login via
The
console.
Please
configure the login password (maximum length 16)
Enter
password: //Enter huawei@123.
Confirm
password: //Enter huawei@123 again.
5. Restore the previous configuration. To restore the previous configuration
but not retain the console login password in the previous configuration file,
download the previous
configuration file to the PC. After deleting the console configuration,
upload the previous
configuration file to the device and specify it as the startup
configuration file. Restart the
device to make the previous configuration file take effect.
a. Configure the device as the FTP server.
<HUAWEI>
system-view
[HUAWEI]
ftp server
enable
Info:
The FTP server is already enabled.
[HUAWEI]
interface
ethernet 0/0/0
[HUAWEI-Ethernet0/0/0]
ip address
10.110.24.254 24
[HUAWEI-Ethernet0/0/0]
quit
[HUAWEI]
aaa
[HUAWEI-aaa]
local-user
huawei password irreversible-cipher huawei@123
[HUAWEI-aaa]
local-user
huawei ftp-directory cfcard:
[HUAWEI-aaa]
local-user
huawei service-type ftp
[HUAWEI-aaa]
local-user
huawei privilege level 15
b. Download previous configuration file vrpcfg.zip to the PC.
C:\Documents
and Setting\Administrator> ftp 10.110.24.254
Connected
to 10.110.24.254.
220
FTP service ready.
User
(10.110.24.254:(none)): huawei
331
Password required for huawei.
Password:
230
User logged in.
ftp>
get
vrpcfg.zip
200
Port command okay.
150
Opening ASCII mode data connection for vrpcfg.zip.
226
Transfer complete.
ftp:
receive 981 bytes in 0.00 seconds 981000.00Kbytes/sec
c. Decompress the downloaded file on the PC and open it using a text
editing tool
(system-provided text editing tool is recommended). Delete the console
authentication
configuration and compress the file into the file vrpcfg.zip. The following
configuration needs to be deleted:
#
user-interface
maximum-vty 15
user-interface
con 0
authentication-mode password // Manual deletion is required.
set authentication password cipher
%@%@:*IB+w7j~""GlU$0-;\#m@Jw%@%
@ // Manual
deletion is required.
#
user-interface
con 0
authentication-mode aaa // Manual deletion is required.
user privilege level 15 // Manual deletion is required.
6. Save the modified configuration file and upload it to the device to
replace the original
configuration file.
ftp>
put vrpcfg.zip
200
Port command okay.
150
Opening ASCII mode data connection for vrpcfg.zip.
226
Transfer complete.
ftp:
981 bytes are sent and the transmission time is 0.00 Seconds. The speed
is
981000.00Kbytes/sec.
7. Configure the uploaded configuration file as the startup configuration
file. Restart the
device without saving the configuration.
<HUAWEI>
startup
saved-configuration vrpcfg.zip
Info:
Succeeded in setting the configuration for booting system.
<HUAWEI>
reboot fast
System
will reboot! Continue ? [y/n]:y
8. After the device restarts, you are prompted to enter the console login
password. Enter a
password and press Enter to display the command line interface.
NOTE
The preceding screen display information is only for reference. The screen
display information varies
depending on the device and version.
More related: