Console Login Password Recovery

l The password recovery method described in this section applies to the

password authentication method and local authentication of the scheme
authentication method. In RADI! authentication of the scheme
authentication method" login passwords are con#gured on the RADI! server.
If you fail to log in to the RADI! server due to password loss or RADI!
server failure" you are recommended to contact the administrator to obtain a
new login password.
l If the switch is enabled with the password control function" the console
login password is not displayed in the con#guration #le. Disable this function
before performing the following operations.

If the console login password is lost" you can select !$ip current con#guration
#le in the %oot R&' menu to recover the password. To do that" follow these
steps(
)* se a con#guration cable to connect the serial port of your PC to the
console port of the +,C switch" and then you can display the login interface
through the terminal emulation program. Table -.) shows the default settings
of the console port.
Table -.) Default setting of the console port
Item
Default setting
%aud rate
/011 bps
2low control
3one
Parity
3one
!top bits
)
Data bits
4

2) Restart the switch.
3) When the following output appears, press Ctrl + B and enter
the Boot ROM password as prompted to enter the Boot ROM menu.
tarting......

55555555555555555555555555555555555555555555555555555555555
5 5
5 +,C !6611.-4C.P7R.8I %&&TR&'" 9ersion 61/ 5
5 5
55555555555555555555555555555555555555555555555555555555555
Copyright :c* -11;.-11/ +ang<hou +,C Tech. Co." Ltd.
Creation date ( =an / -11/" )1(;;(1/
CP Cloc$ !peed ( 6,,'+<
%! Cloc$ !peed ( ),,'+<
'emory !i<e ( -60'%
'ac Address ( 11-,4/-/;f>1


Press Ctrl.% to enter %oot 'enu... )
Password(

%y default" the +,C switch does not have a %oot R&' password. If you have
lost your %oot R&' password" recover the password as described in %oot
R&' Password Recovery.

;* !elect > in the %oot R&' menu and type y to con#rm your operation.
%&&T '83

). Download application #le to ?ash
-. !elect application #le to boot
,. Display all #les in ?ash
;. Delete #le from ?ash
6. 'odify bootrom password
0. 8nter bootrom upgrade menu
>. !$ip current con#guration #le
4. !et bootrom password recovery
/. !et switch startup mode
1. Reboot

8nter your choice:1./*( >
The current setting is running con#guration #le when reboot.
Are you sure to s$ip current con#guration #le when reboot@ Aes or 3o:AB3* y
!etting......doneC
6* 7hen you return to the %oot R&' menu" select 1 to restart the switch.
%&&T '83

). Download application #le to ?ash
-. !elect application #le to boot
,. Display all #les in ?ash
;. Delete #le from ?ash
6. 'odify bootrom password
0. 8nter bootrom upgrade menu
>. !$ip current con#guration #le
4. !et bootrom password recovery
/. !et switch startup mode
1. Reboot

8nter your choice:1./*( 1
DE!ystem rebooting...
0* The switch s$ips the con#guration #le at the neFt startup and allows
you to log in without providing the password.
5555555555555555555555555555555555555555555555555555555555555555555555555555
5 Copyright :c* -11;.-1)1 +ang<hou +,C Tech. Co." Ltd. All rights reserved.5
5 7ithout the ownerGs prior written consent" 5
5 no decompiling or reverse.engineering shall be allowed. 5
5555555555555555555555555555555555555555555555555555555555555555555555555555

Con#guration #le is s$ipped.
ser interface auF1 is available.



Press 83T8R to get started.
H+,CI
>* At the command line interface :CLI*" use the display startup command
to view the startup con#guration #le" and use the more command to view the
console login password in the con#guration #le.
H+,CI display startup
Current startup saved.con#guration #le( 3LL
3eFt startup saved.con#guration #le( ?ash(Bstartup.cfg
H+,CI more startup.cfg
l If the password authentication method is used" pay attention to the
console login password con#guration commands" which are gray highlighted.
The password is displayed in plain teFt(
J
user.interface auF 1
authentication.mode password
set authentication password simple test
The password is displayed in cipher teFt(
J
user.interface auF 1
authentication.mode password
set authentication password cipher .KE!8L%"6,MLDMN'A2;H)CC

A plain teFt password is directly displayed in the set authentication password
simple command" and you can use or change it. A cipher teFt password is
converted into cipher teFt characters" and you are recommended to change
it.

l If the scheme authentication method is used" pay attention to the local
username and password con#guration commands" which are gray
highlighted. The username is admin in this eFample.
The password is displayed in plain teFt(
J
local.user admin
password simple )-,
service.type terminal
The password is displayed in cipher teFt(
J
local.user admin
password cipher >.CO%JBAPKQMLDMN'A2;H)CC
service.type terminal

l If the switch has multiple local users" view the con#guration of the
terminal user con#gured with the service.type terminal command.
l A plain teFt password is directly displayed in the password simple
command" and you can use or change it. A cipher teFt password is converted
into cipher teFt characters" and you are recommended to change it.

4* se the copy command to bac$ up the con#guration #le. In this
eFample" the bac$up #le is named startupRba$.cfg.
!"3C# cop$ startup.cfg startup%&a'.cfg
Cop$ (ash)*startup.cfg to (ash)*startup%&a'.cfg+,-*./)$
.......
SCopy #le ?ash(Bstartup.cfg to ?ash(BstartupRba$.cfg...Done.
/* -ou can use 0ile 1ransfer 2rotocol 3012) or 1ri4ial 0ile 1ransfer
2rotocol31012) to transfer the con5guration 5le to $our 2C, and edit
the 5le in the te6t editor software such as Windows .otepad and
Word2ad &$ using an$ of the following methods)
l Change the $eyword of the authentication.mode command to none.
l Change $eyword cipher of the set authentication password command
to simple" and type a new password :for the password authentication
method*.
l Change $eyword cipher of the password command to simple" and type
a new password :for the scheme authentication method*.

The none authentication method is for temporary login only. To ensure device
security" change the authentication method as soon as possible.

)1* pload the con#guration #le to the switch to replace the eFisting
con#guration #le. Then the switch uses the new con#guration #le at the neFt
startup" and allows you to log in with the new password. 'eanwhile" other
con#gurations are retained.
Telnet Login Password Recovery

l The password recovery method described in this section applies to the
password authentication method and local authentication of the scheme
authentication method. In RADI! authentication of the scheme
authentication method" login passwords are con#gured on the RADI! server.
If you fail to log in to the RADI! server due to password loss or RADI!
server failure" you are recommended to contact the administrator to obtain a
new login password.
l If the switch is enabled with the password control function" the telnet
login password is not displayed in the con#guration #le. Disable this function
before performing the following operations.

If the telnet login password is lost" you can log in to the console through the
console port to display and change the telnet login password.
)* se a con#guration cable to connect the serial port of your PC to the
console port of the +,C switch" con#gure the terminal emulation program"
and log in to the console. 2or the settings of the terminal emulation program"
refer to Table -.).
-* se the display current.con#guration command to view the telnet
authentication con#guration.
l If the password authentication method is used" pay attention to the
telnet password con#guration command" which is gray highlighted.
H+,CI display current.con#guration T begin user.interface
user.interface auF 1
set authentication password simple test
user.interface vty 1 ;
user privilege level ,
set authentication password simple h,c
idle.timeout 1 1
J

l 7ith the T begin user.interface parameter speci#ed" the display
current.con#guration command displays the line that matches the user.
interface character string and all the subseUuent lines. This parameter helps
you Uuic$ly locate the user interface con#guration in the con#guration #le.
2or detailed information about the regular eFpression in display commands"
refer to the operation manuals of the switches.
l If the con#guration #le contains no authentication.mode information"
the authentication method is password" which is the default authentication
method of the telnet :9TA* user interface.
l 2or a plain teFt password" you can use or change it. 2or a cipher teFt
password" you are recommended to change it.

l If the scheme authentication method is used" pay attention to the
telnet password con#guration commands" which are gray highlighted.
H+,CI display current.con#guration T begin local.user
local.user abc
password simple )-,
service.type telnet
local.user admin
password cipher >.CO%JBAPKQMLDMN'A2;H)CC
service.type telnet terminal
V

l 2or a plain teFt password" you can use or change it. 2or a cipher teFt
password" you are recommended to change it.
l If the switch has multiple local users" view the con#guration of the
telnet user con#gured with the service.type telnet or service.type telnet
terminal command.

,* Change the authentication method and password.
l If the password is displayed in plain teFt" you can telnet to the device
by entering the password :for the password authentication method* or
username and password :for the scheme authentication method*.
l If you want to change the telnet login authentication method" use the
authentication.mode command in user view. 2or eFample" change the telnet
authentication method to none as follows(
H+,CI system.view
W+,CK user.interface vty 1 ;
W+,C.ui.vty1.;K authentication.mode none
l If you want to change the login password for the password
authentication method" use the set authentication password command to
change the password. 2or eFample" change the password to new as follows(
H+,CI system.view
W+,CK user.interface vty 1 ;
W+,C.ui.vty1.;K set authentication password simple new
l If you want to change the login password of a user in the scheme
authentication method" use the password command in the user view. 2or
eFample" change the password of the user admin to new as follows(
H+,CI system.view
W+,CK local.user admin
W+,C.luser.adminK password simple new
7hen the preceding con#guration is complete" you can use the new
password and authentication method for the neFt telnet login.

l The none authentication method is for temporary login only. To ensure
device security" change the authentication method as soon as possible.
l After the preceding con#guration is complete" save the con#guration
with the save command. &therwise" the switch may reUuire you to use the
former password and authentication method for login.