Embed Size (px)
DESCRIPTION
Password Recovery (Router series) Cisco Routers / Switches 의 Enable / Secret password recovery. Password Recovery 시 System Reboot 이 1 번 이상 필요. Routers 의 Register 값을 조정하여 Startup-config 를 무시하도록 변경 - 0x2102 : default/current value - 0x2142 : Startup-config 무시 ( 초기화 ) Access switches 의 config file name 을 조정하여 startup-config 를 무시. 각 변경 값은 Booting 완료 및 Password 복구 후 Default value 로 원복. 해당 제품 군 - Cisco 806, Cisco 827, Cisco uBR900, Cisco 1003, Cisco 1004, Cisco 1005 Cisco 1400, Cisco 1600, Cisco 1700, Cisco 2600, Cisco 3600, Cisco 4500 Cisco 4700, Cisco AS5x00, Cisco 6x00, Cisco 7000 (RSP7000), Cisco 7100 Cisco 7200, Cisco 7500, Cisco uBR7100, Cisco uBR7200, Cisco uBR10000 Cisco 12000, Cisco LS1010, Catalyst 2948G-L3, Catalyst 4840G,Catalyst 4908G-L3, Catalyst 5500 (RSM), Catalyst 8510-CSR, Catalyst 8510-MSR, Catalyst 8540-CSR, Catalyst 8540-MSR, Cisco MC3810, Cisco NI-2, Cisco VG200 Analog Gateway, Route Processor Module
Citation preview
2005. 9
Password Recovery Procedures
GSR12000 Series Routers Cisco7500 Series Routers Cisco7200 Series Routers Cisco2500 Series Routers Catalyst6500 Series Switches (with Native IOS) Catalyst4000/4500 Series Switches Catalyst2900/3500 Series Switches
Agenda
Password Recovery (Router series)
Cisco Routers / Switches 의 Enable / Secret password recovery . Password Recovery 시 System Reboot 이 1 번 이상 필요 . Routers 의 Register 값을 조정하여 Startup-config 를 무시하도록 변경
- 0x2102 : default/current value
- 0x2142 : Startup-config 무시 ( 초기화 ) Access switches 의 config file name 을 조정하여 startup-config 를 무시 . 각 변경 값은 Booting 완료 및 Password 복구 후 Default value 로 원복 . 해당 제품 군 - Cisco 806, Cisco 827, Cisco uBR900, Cisco 1003, Cisco 1004, Cisco 1005 Cisco 1400, Cisco 1600, Cisco 1700, Cisco 2600, Cisco 3600, Cisco 4500
Cisco 4700, Cisco AS5x00, Cisco 6x00, Cisco 7000 (RSP7000), Cisco 7100 Cisco 7200, Cisco 7500, Cisco uBR7100, Cisco uBR7200, Cisco uBR10000
Cisco 12000, Cisco LS1010, Catalyst 2948G-L3, Catalyst 4840G,Catalyst 4908G-L3, Catalyst 5500 (RSM), Catalyst 8510-CSR, Catalyst 8510-MSR, Catalyst 8540-CSR,
Catalyst 8540-MSR, Cisco MC3810, Cisco NI-2, Cisco VG200 Analog Gateway, Route Processor Module
GSR12000/C7500/C7200 Series Routers
1. Console 사용을 위한 Terminal setup (terminal/ terminal emulation)
- 9600 baud rate, No parity, 8 data bits, 1 stop bit, No flow control
2. User mode “Router>show version” 을 통해 register 값을 확인 “ 0x2102”
- Radius/TACACS 등에 연동 되어있어 확인 불가하면 아래로 이동
3. System Power Off / On 을 통해 Reboot
4. Ctrl+Break 또는 Break 를 할 수 있는 Key 를 통해 Router booting 과정을 멈춤
5. “rommon 1> “ prompt 에서 “ confreg 0x2142” 입력 후 “ reset”
- rommon 1> confreg 0x2142
rommon 2> reset
Register 0x2142 는 Startup-config 를 무시하고 Booting 하는 값
6. "Would you like to enter the initial configuration dialog?[yes/no]" 에서 “ no” 입력
7. “Router>”prompt 상에서 “ Enable” 을 통해 “ Router#” prompt 로 이동
8. “copy startup-config running-config” 를 통해 NVRAM 의 config 를 불러옴 .
9. “config terminal” 을 통해 config mode 에서 Eanble / Secret password 변경
- Router(config)#enable secret hanaro
10. “config-register 0x2102 “ 로 기 변경한 register 값 원복
11. Startup-config 를 불러와도 모든 Interface 는 shutdown 상태 유지 하므로 “ no shutdown” 실행
12. Write / copy running-config startup-config 를 통해 변경사항 저장 .
Example of Password Recovery Procedure (1)
Router>enable
Password:
Password:
Password:
% Bad secret
!======= Password recovery 요망
Router>show version
Cisco Internetwork Operating System Software
Configuration register is 0x2102
!======== Register 값 확인
!======== System Power Off/On 후 Break Key
*** System received an abort due to Break Key ***
rommon 1 > confreg 0x2142
!======== Register 값 변경
You must reset or power cycle for new config to take effect
rommon 2 > reset
!========== System reboot
System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: n
!======= configuration dialog 취소 (“no” 입력 )
Press RETURN to get started!
Router>enable
Router#copy startup-config running-config
Destination filename [running-config]?
!========= NVRAM 의 startup config 불러옴
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret cisco
!========= Loading 된 configuration 상에 password 복구 ( 변경 )
Router#show ip interface brief
!========= system restart 후 loading 된 configuration 은 Interface shutdown 상태로 되어있음
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 10.200.40.37 YES TFTP administratively down down
Serial0/0 unassigned YES TFTP administratively down down
Example of Password Recovery Procedure (2)
Router#configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)#interface Ethernet0/0Router(config-if)#no shutdown!========== Shutdown 되어 있는 Interface no shutdown 수행Router#00:02:35: %SYS-5-CONFIG_I: Configured from console by consoleRouter#copy running-config startup-config!========== 변경된 password 및 shutdown 정보 저장
Router#configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)#config-register 0x2102Router(config)#^Z!========== 기 변경된 register 값 변경Router#show versionCisco Internetwork Operating System SoftwareConfiguration register is 0x2142 (will be 0x2102 at next reload)!====== register 값 변경 여부 확인 (0x2102 로 바뀌었고 system reboot 후에도 0x2102 로 됨 ) 꼭 이를 위해 reboot 할 필요는 없음Router#
Example of Password Recovery Procedure (3)
GSR12000 Series Routers Cisco7500 Series Routers Cisco7200 Series Routers Cisco2500 Series Routers Catalyst6500 Series Switches (with Native IOS) Catalyst4000/4500 Series Switches Catalyst2900/3500 Series Switches
Agenda
Cisco2500 Series Routers
1. Console 사용을 위한 Terminal setup (terminal/ terminal emulation)
- 9600 baud rate, No parity, 8 data bits, 1 stop bit, No flow control
2. User mode “Router>show version” 을 통해 register 값을 확인 “ 0x2102”
- Radius/TACACS 등에 연동 되어있어 확인 불가하면 아래로 이동
3. System Power Off / On 을 통해 Reboot
4. Ctrl+Break 또는 Break 를 할 수 있는 Key 를 통해 Router booting 과정을 멈춤
5. “rommon 1> “ prompt 에서 o/r 0x2142” 입력 후 “ i” 를 통해 system reboot
- rommon 1> o/r 0x2142
rommon 2> i
Register 0x2142 는 Startup-config 를 무시하고 Booting 하는 값
6. "Would you like to enter the initial configuration dialog?[yes/no]" 에서 “ no” 입력
7. “Router>”prompt 상에서 “ Enable” 을 통해 “ Router#” prompt 로 이동
8. “copy startup-config running-config” 를 통해 NVRAM 의 config 를 불러옴 .
9. “config terminal” 을 통해 config mode 에서 Eanble / Secret password 변경
- Router(config)#enable secret hanaro
10. “config-register 0x2102 “ 로 기 변경한 register 값 원복
11. Startup-config 를 불러와도 모든 Interface 는 shutdown 상태 유지 하므로 “ no shutdown” 실행
12. Write / copy running-config startup-config 를 통해 변경사항 저장 .
GSR12000 Series Routers Cisco7500 Series Routers Cisco7200 Series Routers Cisco2500 Series Routers Catalyst6000/7600 Series Switches (with
Native IOS) Catalyst4000/4500 Series Switches Catalyst2900/3500 Series Switches
Agenda
Catalyst 6500/7600 series Switches with Native IOS
Catalyst 6500/7600 Native IOS 는 SP side 와 RP side booting 이 따로 이루어짐 . IOS 는 SP bootflash 에 저장되어 있으며 Booting 순서는 SP boot 후 RP boot 로 이루어짐 .
- First : SP (switch process)- Second : RP (Router process)
일반적인 configuration 및 기타 동작은 RP 에서 이루어 지며 password 또는 RP configuration 상에 동작하고 있음 .
Routers password recovery 와 동일한 복구방법 사용함 . Password recovery 시 Register 값 변경은 RP boot 시 break 를 통해 변경 해야 함
Example of Password Recovery Procedure (1)
Router>enablePassword:Password:Password:% Bad secret!======= Password recovery 요망Router>show versionCisco Internetwork Operating System SoftwareConfiguration register is 0x2102!======== Register 값 확인 !======== System Power Off/On 후 RP booting 시 Break Key
System Bootstrap, Version 8.4(2) ReleaseCopyright (c) 1994-2005 by cisco Systems, Inc.Cat6k-Sup720/SP processor with 1048576 Kbytes of main memory!========= First boot SP processor booting
0:00:07: %OIR-SP-6-CONSOLE: Changing console ownership to route processor
!========= console ownership RP 로 변경 / Break key & Ctrl + Break key System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)Cat6k-Sup720/RP platform with 1048576 Kbytes of main memory
Example of Password Recovery Procedure (2)
rommon 1 > confreg 0x2142
!======== Register 값 변경
You must reset or power cycle for new config to take effect
rommon 2 > reset
!========== System reboot
System Bootstrap, Version 8.4(2) Release
Copyright (c) 1994-2005 by cisco Systems, Inc.
Cat6k-Sup720/SP processor with 1048576 Kbytes of main memory
0:00:07: %OIR-SP-6-CONSOLE: Changing console ownership to route processor
System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)
Cat6k-Sup720/RP platform with 1048576 Kbytes of main memory
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: n
!======= configuration dialog 취소 (“no” 입력 )
Press RETURN to get started!
Router>enable
Router#copy startup-config running-config
Destination filename [running-config]?
!========= NVRAM 의 startup config 불러옴
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret cisco
!========= Loading 된 configuration 상에 password 복구 ( 변경 )
Router#show ip interface brief
!========= system restart 후 loading 된 configuration 은 Interface shutdown 상태로 되어있음
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 10.200.40.37 YES TFTP administratively down down
Serial0/0 unassigned YES TFTP administratively down down
Example of Password Recovery Procedure (3)
Router#configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)#interface Ethernet0/0Router(config-if)#no shutdown!========== Shutdown 되어 있는 Interface no shutdown 수행Router#00:02:35: %SYS-5-CONFIG_I: Configured from console by consoleRouter#copy running-config startup-config!========== 변경된 password 및 shutdown 정보 저장
Router#configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)#config-register 0x2102Router(config)#^Z!========== 기 변경된 register 값 변경Router#show versionCisco Internetwork Operating System SoftwareConfiguration register is 0x2142 (will be 0x2102 at next reload)!====== register 값 변경 여부 확인 (0x2102 로 바뀌었고 system reboot 후에도 0x2102 로 됨 ) 꼭 이를 위해 reboot 할 필요는 없음Router#
Example of Password Recovery Procedure (4)
GSR12000 Series Routers Cisco7500 Series Routers Cisco7200 Series Routers Cisco2500 Series Routers Catalyst6000/7600 Series Switches (with Native
IOS) Catalyst4000/4500 Series Switches Catalyst2900/3500 Series Switches
Agenda
Catalyst 4000/4500 series Switches (1)
1. Password Recovery 필요시 Power Off / on 후 Autobooting message 가 나올 때 5sec 안에 Ctrl+C Key 를 눌러 booting 과정을 멈춤 ROM monitor prompt 상태로 됨
!--- Switch being power cycled. ********************************************************** * Welcome to ROM Monitor for WS-X4014 System. * * Copyright (c) 1999-2000, 2001 by Cisco Systems, Inc. * * All rights reserved. * ********************************************************** ROM Monitor Program Version 12.1(10r)EY(1.21)
Board type 1, Board revision 7 Swamp FPGA revision 16, Dagobah FPGA revision 43 Main Memory : 256 Mbytes
***** The system will autoboot in 5 seconds *****
Type control-C to prevent autobooting.
!--- At this point Hit Ctl^C.Autoboot cancelled......... please wait!!!!--- Module ended in the rommon.rommon 1 >
Catalyst 4000/4500 series Switches (2)
2. “confreg“ command 를 통해 아래 질문에 대해 “ Y”, “N” 로 입력 새로운 configuration 을 적용하겠다는 의미 .
rommon 1 >confreg
Configuration Summary : => load ROM after netboot fails => console baud: 9600 => autoboot from: commands specified in 'BOOT' environment variable do you wish to change the configuration? y/n [n]: y enable "diagnostic mode"? y/n [n]: n enable "use net in IP bcast address"? y/n [n]: n disable "load ROM after netboot fails"? y/n [n]: n enable "use all zero broadcast"? y/n [n]: n enable "break/abort has effect"? y/n [n]: n enable "ignore system config info"? y/n [n]: y change console baud rate? y/n [n]: n change the boot characteristics? y/n [n]: n
Configuration Summary : => load ROM after netboot fails => ignore system config info => console baud: 9600 => autoboot from: commands specified in 'BOOT' environment variable
Catalyst 4000/4500 series Switches (2)
do you wish to save this configuration? y/n [n]: y You must reset or power cycle for new configuration to take effect
3. rommom#> prompt 상에서 “ reset” command 를 통해 system reload 수행
Resetting .......
!--- Output suppressed.
Press RETURN to get started!
4. NVRAM 의 startup-config 를 running-config 로 복사 수행 – 저장되어 있는 configuration loading“configure memory” or “copy startup-config running-config” command 사용
Switch# copy startup-config running-config [or configure memory] Switch#
5. Loading 된 configuration 에서 Enable password 또는 Enable secret password 변경
c-4006-SUPIII# configure terminal Enter configuration commands, one per line. End with CNTL/Z.c-4006-SUPIII(config)# no enable secretc-4006-SUPIII(config)# enable secret Cisco
Catalyst 4000/4500 series Switches (3)
6. Rommon 상에서 변경한 Register 값 원복
c-4006-SUPIII# configure terminal Enter configuration commands, one per line. End with CNTL/Z.c-4006-SUPIII(config)# config-register 0x2102c-4006-SUPIII(config)# ^Zc-4006-SUPIII#
c-4006-SUPIII# show versionCisco Internetwork Operating System Software
Configuration register is 0x2142 (will be 0x2102 at next reload)
7. 모든 변경사항 저장 – configuration 을 Load 하기 전에 절대 저장하면 안됨 .
c-4006-SUPIII# write memory
GSR12000 Series Routers Cisco7500 Series Routers Cisco7200 Series Routers Cisco2500 Series Routers Catalyst6000/7600 Series Switches (with Native
IOS) Catalyst4000/4500 Series Switches Catalyst2900/3500 Series Switches
Agenda
Catalyst 2900/3500 series Switches (1)
1. Power Off/On – power cable Unplug and reconnectingPower Cable 재연결 시에 Switch 앞 단의 Mode button 누른 상태에서 cable 재 연결
The system has been interrupted prior to initializing the flash file system to finish loading the operating system software:
flash_initload_helperbootswitch:
Catalyst 2900/3500 XL Series Switches : Port1x LED 가 꺼질 때 까지 Mode button 을 누르고 있는다 .
Catalyst 2940/2950 Series Switches : STAT LED 가 꺼질 때 까지 Mode button 을 누르고 있는다 .
Catalyst 2900/3500 series Switches (2)
2. “Switch:” prompt 상에서 “ flash_init” , “load_helper” command 를 통해 Flash 시작한다 .
switch: flash_initInitializing Flash...flashfs[0]: 143 files, 4 directoriesflashfs[0]: 0 orphaned files, 0 orphaned directoriesflashfs[0]: Total bytes: 3612672flashfs[0]: Bytes used: 2729472flashfs[0]: Bytes available: 883200flashfs[0]: flashfs fsck took 86 seconds....done Initializing Flash.Boot Sector Filesystem (bs:) installed, fsid: 3Parameter Block Filesystem (pb:) installed, fsid: 4switch:switch: load_helperswitch:
Catalyst 2900/3500 series Switches (3)
3. “dir flash: “ command 를 통해 IOS 및 configuration 이 저장 되어 있는 Files 을 확인한다 . - config.text : startup-configuration 이 저장 되어 Booting 시 Loading 되는 File.
switch: dir flash:Directory of flash:/2 -rwx 1803357 <date> c3500xl-c3h2s-mz.120-5.WC7.bin4 -rwx 1131 <date> config.text5 -rwx 109 <date> info6 -rwx 389 <date> env_vars7 drwx 640 <date> html18 -rwx 109 <date> info.ver403968 bytes available (3208704 bytes used)switch:
4. Startup-config 가 Booting 시 Load 되지 않도록 Config.text file 명 변경
switch: rename flash:config.text flash:config.oldswitch:
Catalyst 2900/3500 series Switches (4)
5. “boot” command 를 통해 system reload 를 수행하여 config 초기화 되도록 한다 .
switch: bootLoading "flash:c3500xl-c3h2s-mz.120-5.WC7.bin"...###############################File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry point: 0x3000executing...
6. Cofiguration dialog 질문에 “ no” 를 입력하여 prompt 상태로 들어간다 .
--- System Configuration Dialog ---At any point you may enter a question mark '?' for help.Use ctrl-c to abort configuration dialog at any prompt.Default settings are in square brackets '[]'.Continue with configuration dialog? [yes/no]: n
Press RETURN to get started.
Switch>Switch>enSwitch#
Catalyst 2900/3500 series Switches (5)
7. Rename command 를 통해 초기화 시 file 명을 변경한 config.text 를 원복한다 .
Switch#rename flash:config.old flash:config.textDestination filename [config.text]
8. startup-config (config.text) 상의 내용을 Load 한다 .- 기존 정보를 불러올 때까지 저장 명령은 사용하면 안됨 . (password 복구 후 저장 )
Switch#copy flash:config.text system:running-configDestination filename [running-config]?
1131 bytes copied in 0.760 secsSwitch#
9. 기 Loading 된 configuration 에 Password 확인 및 수정하도록 한다 .
Switch#configure terminalSwitch(config)#no enable secret Switch(config)#enable password CiscoSwitch#(config)#^Z
10. 모든 절차 및 Password 변경 확인 후 변경된 사항을 저장한다 .Switch#write memoryBuilding configuration...[OK]Switch#
Reference
http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1831/products_tech_note09186a00801746e6.shtml
http://www.cisco.com/en/US/partner/products/hw/routers/ps167/products_password_recovery09186a0080093e10.shtml
http://www.cisco.com/en/US/partner/products/hw/routers/ps233/products_password_recovery09186a0080094795.shtml
http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_password_recovery09186a0080133fb1.shtml
http://www.cisco.com/en/US/partner/products/hw/switches/ps663/products_password_recovery09186a00800945f7.shtml
http://www.cisco.com/en/US/partner/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml
