Scribd Logo
Upload

Welcome to Scribd!

  • Brocade Password Recovery

    Uploaded by

    alanv72
    1K views11 pages
    Brocade and Partner Confidential RECOVERING FROM A FORGOTTEN PASSWORD. You can recover the User, Admin, or Factory Passwords if the root password is known. The Password Recovery firmware is effective only for the first time it is launched.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Brocade and Partner Confidential RECOVERING FROM A FORGOTTEN PASSWORD. You can recover the User, Admin, or Factory Passwords if the root password is known. The Password Recovery firmware is effective only for the first time it is launched.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    1K views11 pages

    Brocade Password Recovery

    Uploaded by

    alanv72
    Brocade and Partner Confidential RECOVERING FROM A FORGOTTEN PASSWORD. You can recover the User, Admin, or Factory Passwords if the root password is known. The Password Recovery firmware is effective only for the first time it is launched.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 11

    FOS v2.6.1/3.1/4.1 Users & Boot Password Recovery V1.

    1 of 11 Brocade and Partner Confidential

    RECOVERING FROM A FORGOTTEN PASSWORD..............................................3 Recovering the User, Admin, or Factory Passwords ..................................................... 3 Recovering the Root Password on Fabric OS v2.6.1 ..................................................... 4 Recovering the Root Password on Fabric OS v3.1 ........................................................ 6 Recovering the Root Password on Fabric OS v4.1 ........................................................ 8 RECOVERING THE BOOT PROM PASSWORD ......................................................9 To recover the Boot PROM password on a SilkWorm 3900: ....................................... 9 To recover the Boot PROM password on a SilkWorm 12000: ................................... 10

    2 of 11 Brocade and Partner Confidential

    Recovering from a Forgotten Password


    You can recover passwords as follows: If the User, Admin, or Factory passwords are lost, but the Root password is known. If the Root password is lost but the boot monitor interface (Boot PROM) password is known. If the Boot PROM password is lost (applies to Fabric OS v4.1 only)

    Recovering the User, Admin, or Factory Passwords


    You can recover the User, Admin, and Factory passwords if the Root password is known. Note: If the Secure Mode of the Secure Fabric OS feature is enabled, you must log into the Primary FCS switch. 1. Open a CLI connection (serial or telnet) to the switch. 2. Login as Root. 3. Enter the one of the following commands, according to the type of password lost: passwd user passwd admin passwd factory 4. Enter the requested information at the prompts. sw0:root> passwd admin Changing password for admin Enter new password: Re-type new password: passwd: all authentication tokens updated successfully Saving password to stable storage. Password saved to stable storage successfully.

    3 of 11 Brocade and Partner Confidential

    Recovering the Root Password on Fabric OS v2.6.1


    This procedure requires the Password Recovery firmware, available from Brocade Technical Support. The Password Recovery firmware is effective only for the first time it is launched. You cannot use the Password Recovery firmware to perform any other switch functions. The Password Recovery firmware is unique and can only be applied to the requested WWN. To obtain the Password Recovery firmware, the WWN of the switch must be supplied to Brocade Technical Support to generate the firmware appropriately. Please note that performing the Password Recovery process will require switch downtime. Recommended methods are to have the switch removed from the fabric and rejoin after the recovery process has been comp leted. This procedure is based on a switch that is accessible by the host either on an Ethernet network or through an ethernet crossover cable. Requires both a serial and Ethernet connection when performing this procedure. 1. Copy the Password Recovery firmware to a secure location that is accessible to the switch. 2. Connect to the serial port interface 3. Power the switch off and back on. 4. Set the boot parameters on your switch to perform a netboot: a. At the [VxWorks Boot] prompt for the switch, enter c. b. Enter the requested information at the prompts. To accept the default value for a parameter, press Enter. The parameters are defined as follows. Parameter Definition host name file name inet on ethernet host inet gateway inet user Name of machine on which Password Recovery firmware is located Full pathname where Password Recovery firmware is located Switch IP address Host IP address Gateway address Login name of user account on host machine

    _____________________________________________________________________________________

    Press any key to stop auto-boot... 4 [VxWorks Boot]: c '.' = clear field; '-' = go to previous field; ^D = quit boot device : fei processor number : 0 host name : host file name : /usr/switch/firmware resetPasswd303f6f inet on ethernet (e) : 192.168.132.217:fffff000 inet on backplane (b): host inet (h) : 192.168.132.133 gateway inet (g) : 192.168.132.133

    4 of 11 Brocade and Partner Confidential

    user (u) : user ftp password (pw) (blank = use rsh): flags (f) : 0x0 target name (tn) : sw2800 startup script (s) : other (o) :

    5. Enter @ at the [VxWorks Boot] prompt to begin booting the Password Recovery version of the firmware from the network.
    [VxWorks Boot]: @ boot device : fei processor number : 0 host name : host file name : resetPasswd303f6f inet on ethernet (e) : 192.168.132.217:fffff000 host inet (h) : 192.168.132.133 gateway inet (g) : 192.168.132.133 user (u) : user flags (f) : 0x0 target name (tn) : sw2800 Attaching network interface fei0... done. Attaching network interface lo0... done. host is alive <-------------------------CONNECTION TO HOST PROVIDING FIRMWARE IMAGE Loading... 4407608 + 329564 + 1153796 Starting at 0x10400000... Attaching network interface fei0... done. Attached TCP/IP interface to fei unit 0 Attaching network interface lo0... done. telnetInit: telnetd initialized. NFS client support not included. efwHookAdd: Added Ethernet Hook Adding 9407 symbols for standalone. Model: 4 flash time 0, creation time 1048818644 Committing configuration...done. setting passwd to defaults <---------FIRMWARE IMAGE RESETS PASSWORD TO BROCADE DEFAULTS Time Bomb has been set <----------------------------------------TIME BOMB RESTRICTED ONE TIME USE Passwords have been reset. Please power cycle the switch.

    The User, Admin, Factory, and Root passwords are reset to the default values. 6. Power the switch off and back on. 7. Press any key when you see the message Press any key to stop autoboot.... This provides access to the boot prompt. 8. Return the boot parameters to booting from the flash again: a. At the [VxWorks Boot] prompt, enter c to begin resetting the boot parameters to the default settings. b. Remove the values that you added in step 4b by entering a dot (.) after each parameter and pressing Enter. The boot parameters are returned to the default settings. 9. Power the switch off and back on to reload the original firmware from flash. The switch resumes normal operation.

    5 of 11 Brocade and Partner Confidential

    10. Log into the switch by telnet or serial as Root, and set new passwords for all accounts.

    Recovering the Root Password on Fabric OS v3.1


    This procedure requires the Password Recovery firmware, available from Brocade Technical Support. The Password Recovery firmware is effective only for the first time it is launched. You cannot use the Password Recovery firmware to perform any other switch functions. To obtain the Password Recovery firmware, the WWN of the switch must be supplied to Brocade Technical Support to generate the firmware appropriately. Please note that performing the Password Recovery process will require switch downtime. Recommended methods are to have the switch removed from the fabric and rejoin after the recovery process has been completed. This procedure is based on a switch that is accessible by the host either on an Ethernet network or through an ethernet crossover cable. Requires both a serial and Ethernet connection when performing this procedure. 1. Copy the Password Recovery firmware to a secure location that is accessible to the switch. 2. Connect to the serial port interface 3. Power the switch off and back on. 4. Set the boot parameters on your switch to perform a netboot: a. At the [VxWorks Boot] prompt for the switch, enter c. b. Enter the requested information at the prompts. To accept the default value for a parameter, press Enter. The parameters are defined as follows. Parameter Definition host name file name inet on ethernet host inet gateway inet user Name of machine on which Password Recovery firmware is located Full pathname where Password Recovery firmware is located Switch IP address Host IP address Gateway address Login name of user account on host machine

    _____________________________________________________________________________________

    Press any key to stop auto-boot... 4 [VxWorks Boot]: c '.' = clear field; '-' = go to previous field; ^D = quit

    boot device : fei processor number : 0 host name : MyHostMachine file name : /usr/switch/firmware resetPasswd500ea45 inet on ethernet (e) : 10.54.60.34:fffff000 inet on backplane (b):

    6 of 11 Brocade and Partner Confidential

    host inet (h) : 10.54.60.20 gateway inet (g) : 10.54.60.20 user (u) : user ftp password (pw) (blank = use rsh): flags (f) : 0x0 target name (tn) : 3800_0 startup script (s) : other (o) : 5. Enter @ at the [VxWorks Boot] prompt to begin booting the Password Recovery version of the firmware from the network.
    [VxWorks Boot]: @ boot device : fei processor number : 0 host name : host file name : resetPasswd500ea45 inet on ethernet (e) : 10.64.68.15:fffff000 host inet (h) : 10.54.60.20 gateway inet (g) : 10.54.60.20 user (u) : user flags (f) : 0x0 target name (tn) : 3800_0 Attaching network interface fei0... done. Attaching network interface lo0... done. host is alive <-------------------------CONNECTION TO HOST PROVIDING FIRMWARE IMAGE Loading... 5161192 + 389436 + 567392 Starting at 0x10400000...

    Attaching network interface fei0... done. Attached TCP/IP interface to fei unit 0 Attaching network interface lo0... done. telnetInit: telnetd initialized. NFS client support not included.
    efwHookAdd: Added Ethernet Hook Adding 10949 symbols for standalone. Model: 9 flash time 1048273524, creation time 1048273692 Committing configuration...done. setting passwd to defaults <---------FIRMWARE IMAGE RESETS PASSWORD TO BROCADE DEFAULTS Time Bomb has been set <----------------------------------------TIME BOMB RESTRICTED ONE TIME USE Passwords have been reset. Please power cycle the switch.

    The User, Admin, Factory, and Root passwords are reset to the default values. 6. Power the switch off and back on. 7. Press any key when you see the message Press any key to stop autoboot.... This provides access to the boot prompt. 8. Return the boot parameters to booting from the flash again: a. At the [VxWorks Boot] prompt, enter c to begin resetting the boot parameters to the default settings. b. Remove the values that you added in step 4b by entering a dot (.) after each parameter and pressing Enter. The boot parameters are returned to the default settings.

    7 of 11 Brocade and Partner Confidential

    9. Power the switch off and back on to reload the original firmware from flash. The switch resumes normal operation. 10. Log into the switch by telnet or serial as Root, and set new passwords for all accounts.

    Recovering the Root Password on Fabric OS v4.1


    If the Boot PROM password is still known, you can use the following procedure to recover the Root password on a SilkWorm 3900 or SilkWorm 12000. Note: This procedure requires accessing the boot prompt, which stops traffic flow through a SilkWorm 3900 until the switch is rebooted. On a SilkWorm 12000, you can recover the Root password without disruption to I/O by performing the procedure on the standby CP card. To recover the Root password: 1. Connect to the serial port interface of the switch (SW3900)/Standby CP(SW12000) 2. Reboot the switch (SW3900)/Standby CP (SW12000) and press ESC within four seconds after the message Press escape within 4 seconds... displays. Enter Boot PROM interface: 3. Enter the Boot PROM password. 4. Enter 3 at the prompt to enter the command shell. 5. Enter the printenv command and save the output. 6. Enter the boot command followed by the first memory address after the string OSLoader= obtained from the printenv output and s boot <memory address> -s

    The system is coming up, please wait... Checking system RAM - press any key to stop test Checking memory address: 01300000 System RAM check terminated by keyboard System RAM check complete Press escape within 4 seconds to enter boot interface. 1) Start system. 2) Recover password. 3) Enter command shell. Option? 3 Password: > printenv AutoLoad=yes ENET_MAC=006069602BD6 InitTest=MEM() LoadIdentifiers=IDE w/ XFS;IDE w/ XFS & NFS Root OSLoader=MEM()0xF0000000;MEM()0xF0800000 OSRootPartition=hda1;hda2 SkipWatchdog=yes > boot MEM()0xF0000000 -s

    8 of 11 Brocade and Partner Confidential

    Steps 7 through 11 are for a SW3900 only, skip to step 12 for SW12000.
    7. Enter the following string at the prompt: mount -o remount,rw,noatime / 8. Enter the following string at the prompt: mount /dev/hda2 /mnt 9. Enter the passwddefault command with the full path, as follows: /sbin/passwddefault This resets the User, Admin, Factory, and Root passwords to the default values 10. Enter the reboot -f command if the switch is a SW3900. reboot -f Traffic flow resumes when the switch finishes rebooting. 11. Log into the SW3900 switch by serial or telnet as Root and set new passwords for all accounts. The process is now complete for the SW3900. 12. From the serial connection to the standby CP card, set the appropriate hostname to the CP. Use cp0 for slot 5, and cp1 for slot 6. hostname cp0 13. Start networking on the standby CP /etc/init.d/network start 14. Perform one of the following according to which slot the CP card is in: If the standby CP card is in slot 5 (CP0), enter rsh 10.0.0.6 /sbin/passwddefault, press Enter. If the standby CP card is in slot 6 (CP1), enter rsh 10.0.0.5 /sbin/passwddefault, press Enter. 15. Reboot the Standby CP with the command reboot f 16. Log into the active CP as admin from a telnet or serial connection, and enter Ctrl + C to bypass the request to modify passwords. 17. Log into either logical switch by serial or telnet as admin and set new passwords for all accounts.

    Recovering the Boot PROM Password


    Recovering the Boot PROM password only applies to Fabric OS v4.1, and requires a unique recovery string generated by the Boot PROM. Note: This procedure requires accessing the boot prompt, which stops traffic flow through a SilkWorm 3900 until the switch is rebooted. On a SilkWorm 12000, you can recover the password with less disruption to I/O by performing the procedure on the standby CP card.

    To recover the Boot PROM password on a SilkWorm 3900:


    1. Connect to the serial port interface 2. Reboot the switch. 3. Press ESC within four seconds after the message Press escape within 4 seconds... displays. 4. Enter 2 at the prompt to enter the boot interface. 1) Start system. 2) Recover password. 3) Enter command shell.

    9 of 11 Brocade and Partner Confidential

    Option? 2 Send the following string to Customer Support for password recovery: /uasLR1raCqT3FToqy0ZjA== 5. Perform the appropriate steps to set the Boot PROM password, as prompted:

    The following message displays: Recovery password is NOT set. Please set it now.
    6. Send the recovery string generated in step 4 to Brocade Customer Support. 7. Enter the Recovery Password that is generated from Brocade Customer Support when prompted. 8. When prompted with New password:, enter the new Boot PROM password and re-enter when prompted. Note: Record this password for future use. Enter the supplied recovery password. Recovery Password: YnfG9DDrlFMDVkNM0RkPtg== Supplied by Brocade Support Re-enter Recovery Password: YnfG9DDrlFMDVkNM0RkPtg== New password: Re-enter new password: > saveenv

    If the Boot PROM password was previously set but the Recovery password was not:
    The following message displays: Recovery password is NOT set. Please set it now. Follow the instructions provided onscreen to set the Recovery password and reset the Boot PROM password. Note: You must set the Recovery password in order to set a new Boot PROM password.

    If both the Boot PROM password and the Recovery password were previously set:
    The following message displays: Send the following string to Customer Support.... a. Collect the entire message text (including the string) and the WWN of the switch. b. Enter the recovery string generated by recoverPasswd. This recovery string can only be used once. A message displays indicating whether the recovery is successful. If it was successful, you are prompted to enter the new Boot PROM password. c. Enter the new Boot PROM password at the prompt, then re-enter when prompted. The Boot PROM password is changed to the password you specified. Note: If the Root password is also lost refer to Recovering the Root Password.

    To recover the Boot PROM password on a SilkWorm 12000:


    1. Open a telnet session to either logical switch and enter the hashow command to determine which card is the standby CP card. 2. Connect to the serial port interface on the standby CP card. 3. Reboot the standby CP card by pressing the yellow ejector buttons at top of the CP card, then pressing the ejector handle back towards the switch to lock the card back into the slot. 4. Press ESC within four seconds after the message Press escape within 4 seconds... displays. 1) Start system. 2) Recover password. 3) Enter command shell.

    10 of 11 Brocade and Partner Confidential

    Option? 2 Send the following string to Customer Support for password recovery: /uasLR1raCqT3FToqy0ZjA== 5. Enter 2 at the prompt to enter the boot interface. 6. Perform the appropriate steps to set the Boot PROM Recovery password, as prompted: The following message displays: Recovery password is NOT set. Please set it now. 7. Send the recovery string generated in step 5 to Brocade Customer Support. 8. Enter the Recovery password that is generated from Brocade Customer Support when prompted. 9. When prompted with New password:, enter the new Boot PROM password and re-enter when prompted. Note: Record this password for future use. Enter the supplied recovery password. Recovery Password: YnfG9DDrlFMDVkNM0RkPtg== Supplied by Brocade Support Re-enter Recovery Password: YnfG9DDrlFMDVkNM0RkPtg== New password: Re-enter new password: > saveenv 10. Enter saveenv at the prompt to save boot PROM password.

    If the Boot PROM password was previously set but the Recovery password was not:
    The following message displays: Recovery password is NOT set. Please set it now. Follow the instructions provided onscreen to reset the Boot PROM password. Note: You must set the Recovery password in order to set a new Boot PROM password.

    If both the Boot PROM password and the Recovery password were previously set:
    a. Provide your support provider with the entire message text (including the string) and the WWN of your switch. b. Enter the recovery string provided by your support provider. This recovery string can only be used once. A message displays indicating whether the recovery is successful. If it was successful, you are prompted to enter the new Boot PROM password. c. Enter your new Boot PROM password at the prompt, then re-enter when prompted. The Boot PROM password is changed to the password you specified. Note: If the Root password is also lost refer to Recovering the Root Password. Note: If the Boot PROM password must be recovered on the Active CP, a haFailover must be done once the Standby CP has been rebooted and the CPs are in a redundant state. Then repeat the previous steps on the new Standby CP.

    11 of 11 Brocade and Partner Confidential

    You might also like