您的当前位置：首页 Cisco交换机密码恢复大全

Cisco交换机密码恢复大全

来源：好走旅游网

Cisco交换机密码恢复大全

一.基于CatOS的CATALYST

1200,1400,2901,2902,2926T/F,2926GS/L,2948G,2980G,4000,5000,5500,6000与6500密码恢复:

关掉交换机电源,等待片刻再打开.当出现密码提示符后,接下来要做的事情,就是在30秒内完成一些步骤：

1. 回车(相当于输入空密码).

2. 进入enable mode(enable命令别说你不会). 3. 回车,继续玩空密码.

4. 修改密码(set password和set enablepass命令).

5. 回车,相当于输入旧密码(如果在这时候收到提示信息说\"sorry password incorrect\抱歉,你

动作太慢了,超过30秒了,把上述步骤重新做1次,动作快点).

6. 设置更为安全的密码(set password和set enablepass命令).完工.

示例:

System Bootstrap, Version 5.3(1)

c6k_sup1 processor with 65536 Kbytes of main memory

Autoboot executing command: \"boot bootflash:cat6000-sup.6-3-3.bin\"

Uncompressing file: ########################################################### ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ##############################

System Power On Diagnostics

DRAM Size .................... MB Testing DRAM..................Passed NVRAM Size ...................512 KB Level2 Cache .................Present

System Power On Diagnostics Complete

Boot image: bootflash:cat6000-sup.6-3-3.bin

Running System Diagnostics from this Supervisor (Module 1) This may take up to 2 minutes....please wait

Cisco Systems Console

2002 Apr 08 16:08:13 %SYS-3-MOD_PORTINTFINSYNC:Port Interface in sync for Module 1

Enter password: /------你只有30秒------/ (回车)

2007 Mar 08 11:08:15 %SYS-1-SYS_ENABLEPS: Power supply 1 enabled 2007 Mar 08 11:08:15 %SYS-1-SYS_ENABLEPS: Power supply 2 enabled 2007 Mar 08 11:08:18 %SYS-5-MOD_PWRON:Module 3 powered up 2007 Mar 08 11:08:18 %SYS-5-MOD_PWRON:Module 4 powered up

2007 Mar 08 11:08:25 %MLS-5-NDEDISABLED:Netflow Data Export disabled

2007 Mar 08 11:08:26 %MLS-5-MCAST_STATUS:IP Multicast Multilayer Switching is enabled

2007 Mar 08 11:08:26 %SYS-5-MOD_OK:Module 1 is online

Console> enable

Enter password: 2007 Mar 08 11:08:37 %SYS-5-MOD_OK:Module 3 is online

2007 Mar 08 11:08:37 %SYS-3-MOD_PORTINTFINSYNC:Port Interface in sync for Module 3

Console> (enable) set password Enter old password: (回车)

Enter new password: (回车)

Retype new password: (回车)

Password changed.

Console> (enable) set enablepass Enter old password: (回车)

Enter new password: (回车)

Retype new password: (回车)

Password changed.

其他些老古董比如CATALYST 1200和这个有点不太一样,不写了,实在需要的话查documentation吧.

二.CATALYST 2900,3500XL的密码恢复:

拔下交换机的电源线,然后按住交换机的Mode按钮,再重新插上交换机的电源线.直到端口Port 1x的LED熄灭之后释放Mode按钮.

就这么简单,别告诉我你不知道Mode按钮在哪啊-_-#

三.CATALYST 2940,2950L的密码恢复:

拔下交换机的电源线,然后按住交换机的Mode按钮,再重新插上交换机的电源线.直到STAT的LED熄灭之后释放Mode按钮.

四.CATALYST 2955的密码恢复:

CATALYST 2955没有没有外部的Mode按钮,因此就不能使用之前的那种方法来进行密码恢复.在交换机启动时,对于Windows系列的PC,按下Ctrl+Break键;对于UNIX系列的工作站,按下Ctrl+C.如下: C2955 Boot Loader (C2955-HBOOT-M) Version 12.1(0.0.514), CISCO DEVELOPMENT TEST VERSION

Compiled Fri 13-Dec-02 17:38 by madison WS-C2955T-12 starting...

Base ethernet MAC Address: 00:0b:be:b6:ee:00 Xmodem file system is available. Initializing Flash...

flashfs[0]: 19 files, 2 directories

flashfs[0]: 0 orphaned files, 0 orphaned directories flashfs[0]: Total bytes: 7741440 flashfs[0]: Bytes used: 4510720

flashfs[0]: Bytes available: 3230720 flashfs[0]: flashfs fsck took 7 seconds. ...done initializing flash.

Boot Sector Filesystem (bs:) installed, fsid: 3

Parameter Block Filesystem (pb:) installed, fsid: 4 /---接下来交换机会在15秒内自动启动,等出现该信息之后,按下Ctrl+Break键或Ctrl+C键---/

The system has been interrupted prior to initializing the flash file system to finish loading the operating system software: flash_init load_helper bootswitch:

switch:flash_init /---输入flash_init命令---/ Initializing Flash...

flashfs[0]: 143 files, 4 directories

flashfs[0]: 0 orphaned files, 0 orphaned directories flashfs[0]: Total bytes: 3612672 flashfs[0]: Bytes used: 2729472 flashfs[0]: Bytes available: 883200

flashfs[0]: flashfs fsck took 86 seconds ....done Initializing Flash.

Boot Sector Filesystem (bs:) installed, fsid: 3 Parameter Block Filesystem (pb:) installed, fsid: 4

switch:

switch:load_helper /---输入load_helper命令---/ switch:

switch:dir flash: /---查看交换机flash内容---/ Directory of flash:/

2 -rwx 1803357 c3500xl-c3h2s-mz.120-5.WC7.bin 4 -rwx 1131 config.text 5 -rwx 109 info

6 -rwx 3 env_vars 7 drwx 0 html

18 -rwx 109 info.ver

403968 bytes available (3208704 bytes used) switch:

switch:rename flash:config.text flash:config.old /---重命名交换机配置文件---/ switch:

switch:boot /---手动启动交换机---/

Loading \"flash:c3500xl-c3h2s-mz.120-5.WC7.bin\"...############################### ################################################################################ ######################################################################

File \"flash:c3500xl-c3h2s-mz.120-5.WC7.bin\" uncompressed and installed, entry po int: 0x3000 executing...

进入CLI后:

Switch#rename flash:config.old flash:config.text /---恢复交换机配置文件---/

Destination filename [config.text] Switch#

Switch#copy flash:config.text system:running-config /---把配置文件保存到DRAM里---/

Destination filename [running-config]? 1131 bytes copied in 0.760 secs Switch#

接下来做的就是取消密码和保存新的配置: Switch(config)#no enable secret

Switch#wr

Building configuration... [OK] Switch#

五.CATALYST 3550,3560,3750的密码恢复:

启动超级终端:

拔掉交换机的电源.按下交换机上的Mode按钮,与此同时,重新插上交换机的电源线.当交换机端口1X上的LED熄灭后可以松开Mode按钮1到2秒.之后将显示一些指示信息:

The system has been interrupted prior to initializing the flash file system. The following commands will initialize the flash file system, and finish loading the operating system software: flash_init load_helper boot switch#

Switch#flash_init /---初始化flash文件系统---/

Switch#load_helper /---加载帮助文件---/

Switch#rename flash:config.text flash:config.text.old /---显示flash里的内容,把配置文件重命名---/

Switch#boot /---手动启动交换机---/

Switch#rename flash:config.old flash:config.text /---恢复交换机配置文件---/

Switch#copy flash:config.text system:running-config /---保存配置到DRAM里---/

Switch(config)#enable secret

{password} /---干掉旧密码,设置新密码,并保存---/ Switch#wr

六.基于CISCO IOS软件版本12.2(17)SX之前的,搭载Supervisor Engine 720的CATALYST 6500密码恢复:

标题同样很长-__-3.本section只适用于基于CISCO IOS软件版本12.2(17)SX或其之前版本的.(关于这1部分的恢复过程,也可以参见CISCO Bug ID CSCec36997这1部分的讲解).

通常当交换机加电后,交换机处理器(SP)启动,大约25-60秒后,控制权转交给路由处理器

(RP,MSFC),RP继续加载软件镜象.接下来要做的,老规矩,CTRL+BREAK,但是别太快,该过程是应该在RP启动的时候做而不是在SP启动的时候做,否则就进到SP ROMMON模式去了.因此,出现以下信息后,就可以CTRL+BREAK了:

00:00:03: %OIR-6-CONSOLE: Changing console ownership to route processor

注意由于之前提到的bug,这次更猛,你只有10秒的时间去CTRL+BREAK(看来是前作大片的续集啊-__-#).接下来修改寄存器值为0x2142让交换机忽略启动配置文件.然后就会重启: rommon 1 > confreg 0x2142

00:00:41: %SYS-SP-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure co. 00:00:41: %SYS-SP-2-INTSCHED: 't_idle' at level 7

-Process= \"SCP Download Process\

-Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C 00:00:41: %SYS-SP-2-INTSCHED: 't_idle' at level 7 -Process= \"SCP Download Process\

-Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C 00:00:41: %OIR-SP-6-CONSOLE: Changing console ownership to switch processor

*** System received a Software forced crash *** signal= 0x17, code= 0x24, context= 0x4269f6f4

PC = 0x401370d8, Cause = 0x3020, Status Reg = 0x34008002

之后不要进setup模式,进入命令行后,enable命令进到特权模式.然后configure memory或copy startup-config running-config命令伺候,把NVRAM中的东西拷贝到RAM中.

继续,进到全局配置模式后,用enable secret命令修改密码.然后把寄存器值改回0x2102.如果你VTY线路下设置的有密码,这时候可以顺便一起改了: Router(config)#line vty 0 4

Router(config-line)#password NUAIKO Router(config-line)#^Z Router#

最后保存配置:wr吧.收工!

示例:

System Bootstrap, Version 7.7(1)

Cat6k-Sup720/SP processor with 524288 Kbytes of main memory

Autoboot executing command: \"boot disk0:s72033-ps-mz.122-14.SX1.bin\"

Self decompressing the image : ################################################]

Restricted Rights Legend

Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph

cisco Systems, Inc. 170 West Tasman Drive

San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) s72033_sp Software (s72033_sp-SP-M), Version 12.2(14)SX1, EARLY DEPLOY) TAC Support: http://www.cisco.com/tac

Image text-base: 0x40020C10, data-base: 0x40B98000

00:00:03: %PFREDUN-6-ACTIVE: Initializing as ACTIVE processor

00:00:03: %OIR-6-CONSOLE: Changing console ownership to route processor /------你只有10秒CTRL+BREAK------/

Cat6k-Sup720/RP platform with 524288 Kbytes of main memory

Download Start

*** Mistral Interrupt on line 4 ***

System memory 1 bit ECC correctable error interrupt .. PC = 0x8000841c, SP = 0x80007f00, RA = 0x80008488 Cause Reg = 0x00004400, Status Reg = 0x3041c003

rommon 1 >

rommon 1 > confreg 0x2142

You must reset or power cycle for new config to take effect.

rommon 2 > /------自动重启了,别怕------/

00:00:31: %SYS-SP-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure co.

00:00:31: %SYS-SP-2-INTSCHED: 't_idle' at level 7 -Process= \"SCP Download Process\

-Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C 00:00:31: %SYS-SP-2-INTSCHED: 't_idle' at level 7 -Process= \"SCP Download Process\

-Traceback= 4013991C 401232B4 402827F4 40282994 40283010 405CB010 402A9858 4013C 00:00:31: %OIR-SP-6-CONSOLE: Changing console ownership to switch processor

*** System received a Software forced crash *** signal= 0x17, code= 0x24, context= 0x4269f6f4

PC = 0x401370d8, Cause = 0x3020, Status Reg = 0x34008002

System Bootstrap, Version 7.7(1)

Cat6k-Sup720/SP processor with 524288 Kbytes of main memory

Autoboot executing command: \"boot disk0:s72033-ps-mz.122-14.SX1.bin\"

Self decompressing the image : ################################################]

Restricted Rights Legend

cisco Systems, Inc. 170 West Tasman Drive

San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) s72033_sp Software (s72033_sp-SP-M), Version 12.2(14)SX1, EARLY DEPLOY) TAC Support: http://www.cisco.com/tac

Image text-base: 0x40020C10, data-base: 0x40B98000

00:00:03: %PFREDUN-6-ACTIVE: Initializing as ACTIVE processor

00:00:03: %OIR-6-CONSOLE: Changing console ownership to route processor

Cat6k-Sup720/RP platform with 524288 Kbytes of main memory

Download Start

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Download Completed! Booting the image.

Self decompressing the image : ################################################]

Restricted Rights Legend

cisco Systems, Inc. 170 West Tasman Drive

San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY) TAC Support: http://www.cisco.com/tac

Image text-base: 0x40008C10, data-base: 0x41ACE000

cisco Catalyst 6000 (R7000) processor with 458752K/65536K bytes of memory. Processor board ID

SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache Last reset from power-on

X.25 software, Version 3.0.0. Bridging software.

1 Virtual Ethernet/IEEE 802.3 interface(s) 96 FastEthernet/IEEE 802.3 interface(s) 58 Gigabit Ethernet/IEEE 802.3 interface(s)

1917K bytes of non-volatile configuration memory. 8192K bytes of packet buffer memory.

65536K bytes of Flash internal SIMM (Sector size 512K).

--- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n

Press RETURN to get started!

00:00:03: %SYS-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure conso.

00:00:46: curr is 0x10000

00:00:46: RP: Currently running ROMMON from F1 region 00:01:00: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software

IOS (tm) s72033_rp Software (s72033_rp-PS-M), Version 12.2(14)SX1, EARLY DEPLOY) TAC Support: http://www.cisco.com/tac

00:01:00: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold stat 00:01:00: %SYS-6

Router>-BOOTTIME: Time taken to reboot after reload = 1807 seconds

Firmware compiled 19-May-03 10: by integ Build [100]

00:00:: %SPANTREE-SP-5-EXTENDED_SYSID: Extended SysId enabled for type vlan 00:00:: SP: SP: Currently running ROMMON from F1 region 00:01:00: %SYS-SP-5-RESTART: System restarted --

Cisco Internetwork Operating System Software

IOS (tm) s72033_sp Software (s72033_sp-SP-M), Version 12.2(14)SX1, EARLY DEPLOY) TAC Support: http://www.cisco.com/tac

00:01:01: %OIR-SP-6-INSPS: Power supply inserted in slot 1 00:01:01: %C6KPWR-SP-4-PSOK: power supply 1 turned on. 00:01:01: %OIR-SP-6-INSPS: Power supply inserted in slot 2 00:01:01: %C6KPWR-SP-4-PSOK: power supply 2 turned on.

00:01:01: %C6KPWR-SP-4-PSREDUNDANTBOTHSUPPLY: in power-redundancy mode, system . 00:01:05: %FABRIC-SP-5-FABRIC_MODULE_ACTIVE: the switching fabric module in sloe 00:01:06: %DIAG-SP-6-RUN_MINIMUM: Module 5: Running Minimum Diagnostics... Router> Router>

00:01:18: %DIAG-SP-6-DIAG_OK: Module 5: Passed Online Diagnostics

00:01:18: %OIR-SP-6-INSCARD: Card inserted in slot 5, interfaces are now online 00:01:21: %DIAG-SP-6-RUN_MINIMUM: Module 4: Running Minimum Diagnostics... Router> Router> Router>

00:01:36: %DIAG-SP-6-RUN_MINIMUM: Module 9: Running Minimum Diagnostics... Router> Router>

00:01:42: %DIAG-SP-6-RUN_MINIMUM: Module 1: Running Minimum Diagnostics... 00:01:44: %DIAG-SP-6-DIAG_OK: Module 4: Passed Online Diagnostics

00:01:45: %OIR-SP-6-INSCARD: Card inserted in slot 4, interfaces are now online 00:01:: %DIAG-SP-6-DIAG_OK: Module 9: Passed Online Diagnostics

00:01:: %OIR-SP-6-INSCARD: Card inserted in slot 9, interfaces are now online 00:01:57: %DIAG-SP-6-DIAG_OK: Module 1: Passed Online Diagnostics

00:01:57: %OIR-SP-6-INSCARD: Card inserted in slot 1, interfaces are now online 00:02:06: %DIAG-SP-6-RUN_MINIMUM: Module 2: Running Minimum Diagnostics... 00:02:15: %DIAG-SP-6-DIAG_OK: Module 2: Passed Online Diagnostics

00:02:15: %OIR-SP-6-INSCARD: Card inserted in slot 2, interfaces are now online Router>

Router>enable

Router#copy startup-config running-config Destination filename [running-config]? (回车)

48 bytes copied in 2.48 secs (2432 bytes/sec) sup720#

sup720#configure terminal

Enter configuration commands, one per line. End with CNTL/Z. sup720(config)#enable secret NUAIKO sup720(config)#config-register 0x2102 sup720(config)#line vty 0 4

sup720(config-line)#password 91Lab sup720(config-line)#^Z

sup720#copy running-config startup-config Destination filename [startup-config]?

(回车)

Building configuration... [OK]

sup720#reload

Proceed with reload? [confirm] (回车)

七.基于CISCO IOS的CATALYST 6000/6500密码恢复:

本section只适用于基于Supervisor Engine 1/2/720的系统,并且对于Supervisor Engine 720,本section针对的是CISCO IOS软件版本12.2(17)SX或其后续版本的,之前版本的恢复参考,请参见上一section.

其密码恢复过程,除了CTRL+BREAK无10秒的,以及在修改了寄存器值为0x2142后,要手动重启之外:

rommon 1 > confreg 0x2142

You must reset or power cycle for new config to take effect rommon 2 > reset

其他过程和上一section完全一样,就不赘述了

因篇幅问题不能全部显示，请点此查看更多更全内容

查看全文