l The password recovery method described in this section applies to the
password authentication method and local authentication of the scheme authentication method. In RADI! authentication of the scheme authentication method" login passwords are con#gured on the RADI! server. If you fail to log in to the RADI! server due to password loss or RADI! server failure" you are recommended to contact the administrator to obtain a new login password. l If the switch is enabled with the password control function" the console login password is not displayed in the con#guration #le. Disable this function before performing the following operations.
If the console login password is lost" you can select !$ip current con#guration #le in the %oot R&' menu to recover the password. To do that" follow these steps( )* se a con#guration cable to connect the serial port of your PC to the console port of the +,C switch" and then you can display the login interface through the terminal emulation program. Table -.) shows the default settings of the console port. Table -.) Default setting of the console port Item Default setting %aud rate /011 bps 2low control 3one Parity 3one !top bits ) Data bits 4
2) Restart the switch. 3) When the following output appears, press Ctrl + B and enter the Boot ROM password as prompted to enter the Boot ROM menu. tarting......
%y default" the +,C switch does not have a %oot R&' password. If you have lost your %oot R&' password" recover the password as described in %oot R&' Password Recovery.
;* !elect > in the %oot R&' menu and type y to con#rm your operation. %&&T '83
). Download application #le to ?ash -. !elect application #le to boot ,. Display all #les in ?ash ;. Delete #le from ?ash 6. 'odify bootrom password 0. 8nter bootrom upgrade menu >. !$ip current con#guration #le 4. !et bootrom password recovery /. !et switch startup mode 1. Reboot
8nter your choice:1./*( > The current setting is running con#guration #le when reboot. Are you sure to s$ip current con#guration #le when reboot@ Aes or 3o:AB3* y !etting......doneC 6* 7hen you return to the %oot R&' menu" select 1 to restart the switch. %&&T '83
). Download application #le to ?ash -. !elect application #le to boot ,. Display all #les in ?ash ;. Delete #le from ?ash 6. 'odify bootrom password 0. 8nter bootrom upgrade menu >. !$ip current con#guration #le 4. !et bootrom password recovery /. !et switch startup mode 1. Reboot
8nter your choice:1./*( 1 DE!ystem rebooting... 0* The switch s$ips the con#guration #le at the neFt startup and allows you to log in without providing the password. 5555555555555555555555555555555555555555555555555555555555555555555555555555 5 Copyright :c* -11;.-1)1 +ang<hou +,C Tech. Co." Ltd. All rights reserved.5 5 7ithout the ownerGs prior written consent" 5 5 no decompiling or reverse.engineering shall be allowed. 5 5555555555555555555555555555555555555555555555555555555555555555555555555555
Con#guration #le is s$ipped. ser interface auF1 is available.
Press 83T8R to get started. H+,CI >* At the command line interface :CLI*" use the display startup command to view the startup con#guration #le" and use the more command to view the console login password in the con#guration #le. H+,CI display startup Current startup saved.con#guration #le( 3LL 3eFt startup saved.con#guration #le( ?ash(Bstartup.cfg H+,CI more startup.cfg l If the password authentication method is used" pay attention to the console login password con#guration commands" which are gray highlighted. The password is displayed in plain teFt( J user.interface auF 1 authentication.mode password set authentication password simple test The password is displayed in cipher teFt( J user.interface auF 1 authentication.mode password set authentication password cipher .KE!8L%"6,MLDMN'A2;H)CC
A plain teFt password is directly displayed in the set authentication password simple command" and you can use or change it. A cipher teFt password is converted into cipher teFt characters" and you are recommended to change it.
l If the scheme authentication method is used" pay attention to the local username and password con#guration commands" which are gray highlighted. The username is admin in this eFample. The password is displayed in plain teFt( J local.user admin password simple )-, service.type terminal The password is displayed in cipher teFt( J local.user admin password cipher >.CO%JBAPKQMLDMN'A2;H)CC service.type terminal
l If the switch has multiple local users" view the con#guration of the terminal user con#gured with the service.type terminal command. l A plain teFt password is directly displayed in the password simple command" and you can use or change it. A cipher teFt password is converted into cipher teFt characters" and you are recommended to change it.
4* se the copy command to bac$ up the con#guration #le. In this eFample" the bac$up #le is named startupRba$.cfg. !"3C# cop$ startup.cfg startup%&a'.cfg Cop$ (ash)*startup.cfg to (ash)*startup%&a'.cfg+,-*./)$ ....... SCopy #le ?ash(Bstartup.cfg to ?ash(BstartupRba$.cfg...Done. /* -ou can use 0ile 1ransfer 2rotocol 3012) or 1ri4ial 0ile 1ransfer 2rotocol31012) to transfer the con5guration 5le to $our 2C, and edit the 5le in the te6t editor software such as Windows .otepad and Word2ad &$ using an$ of the following methods) l Change the $eyword of the authentication.mode command to none. l Change $eyword cipher of the set authentication password command to simple" and type a new password :for the password authentication method*. l Change $eyword cipher of the password command to simple" and type a new password :for the scheme authentication method*.
The none authentication method is for temporary login only. To ensure device security" change the authentication method as soon as possible.
)1* pload the con#guration #le to the switch to replace the eFisting con#guration #le. Then the switch uses the new con#guration #le at the neFt startup" and allows you to log in with the new password. 'eanwhile" other con#gurations are retained. Telnet Login Password Recovery
l The password recovery method described in this section applies to the password authentication method and local authentication of the scheme authentication method. In RADI! authentication of the scheme authentication method" login passwords are con#gured on the RADI! server. If you fail to log in to the RADI! server due to password loss or RADI! server failure" you are recommended to contact the administrator to obtain a new login password. l If the switch is enabled with the password control function" the telnet login password is not displayed in the con#guration #le. Disable this function before performing the following operations.
If the telnet login password is lost" you can log in to the console through the console port to display and change the telnet login password. )* se a con#guration cable to connect the serial port of your PC to the console port of the +,C switch" con#gure the terminal emulation program" and log in to the console. 2or the settings of the terminal emulation program" refer to Table -.). -* se the display current.con#guration command to view the telnet authentication con#guration. l If the password authentication method is used" pay attention to the telnet password con#guration command" which is gray highlighted. H+,CI display current.con#guration T begin user.interface user.interface auF 1 set authentication password simple test user.interface vty 1 ; user privilege level , set authentication password simple h,c idle.timeout 1 1 J
l 7ith the T begin user.interface parameter speci#ed" the display current.con#guration command displays the line that matches the user. interface character string and all the subseUuent lines. This parameter helps you Uuic$ly locate the user interface con#guration in the con#guration #le. 2or detailed information about the regular eFpression in display commands" refer to the operation manuals of the switches. l If the con#guration #le contains no authentication.mode information" the authentication method is password" which is the default authentication method of the telnet :9TA* user interface. l 2or a plain teFt password" you can use or change it. 2or a cipher teFt password" you are recommended to change it.
l If the scheme authentication method is used" pay attention to the telnet password con#guration commands" which are gray highlighted. H+,CI display current.con#guration T begin local.user local.user abc password simple )-, service.type telnet local.user admin password cipher >.CO%JBAPKQMLDMN'A2;H)CC service.type telnet terminal V
l 2or a plain teFt password" you can use or change it. 2or a cipher teFt password" you are recommended to change it. l If the switch has multiple local users" view the con#guration of the telnet user con#gured with the service.type telnet or service.type telnet terminal command.
,* Change the authentication method and password. l If the password is displayed in plain teFt" you can telnet to the device by entering the password :for the password authentication method* or username and password :for the scheme authentication method*. l If you want to change the telnet login authentication method" use the authentication.mode command in user view. 2or eFample" change the telnet authentication method to none as follows( H+,CI system.view W+,CK user.interface vty 1 ; W+,C.ui.vty1.;K authentication.mode none l If you want to change the login password for the password authentication method" use the set authentication password command to change the password. 2or eFample" change the password to new as follows( H+,CI system.view W+,CK user.interface vty 1 ; W+,C.ui.vty1.;K set authentication password simple new l If you want to change the login password of a user in the scheme authentication method" use the password command in the user view. 2or eFample" change the password of the user admin to new as follows( H+,CI system.view W+,CK local.user admin W+,C.luser.adminK password simple new 7hen the preceding con#guration is complete" you can use the new password and authentication method for the neFt telnet login.
l The none authentication method is for temporary login only. To ensure device security" change the authentication method as soon as possible. l After the preceding con#guration is complete" save the con#guration with the save command. &therwise" the switch may reUuire you to use the former password and authentication method for login.