Cisco 876: no service password-recovery

Unanswered Question
Apr 11th, 2008

Hi there, I'm new here.

I'm a trainee in Germany and currently in a project that involves Ciscos 870 Router series.

We (our project-group) have a security issue, which we can't solve.

As mentioned above, we configured "no service password-recovery" as it is our intention to isolate the config inside the router in case it gets intruded.

The problem with that is, that the router isn't reacting to any break-sequence, like it is mentioned in the "no service password-recovery" manual (

We even connected the router via an async interface to have a telnet-connection instead of a direct console-port connection via COM1, but that changed anything.

With "no service password-recovery" configured, we can't get into the ROMMON.

It works well, if we try that with the default settings.

Is this feature (to its full extend) simply not suported on 876 Routers?

The ROMMON version is 12.3.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
guibarati Mon, 04/14/2008 - 05:24

The porpuse of this command is that. You can not get access to ROMMON if you use the no service password-recovery.

Lagerhaus_Jonny Mon, 04/14/2008 - 21:52

No, that's not right.

It IS possible to enter the ROMMON with

"service password-recovery" disabled.

Read the link I mentioned above, there it says:

"To recover a device once the No Service Password-Recovery feature has been enabled, press the Break key within 5 seconds after the image decompresses during the boot. You are prompted to confirm the Break key action. When you confirm the action, the startup configuration is erased, the password-recovery procedure is enabled, and the router boots with the factory default configuration.

If you do not confirm the Break key action, the router boots normally with the No Service Password-Recovery feature enabled."

And that's basically all I want to do, unfortunately that doesn't work.

guibarati Tue, 04/15/2008 - 03:31

If it would be true the "no service password-recovery" command has no action. This command is right for this porpuse, not allowing people to recover password even with fisical access to the device. If you could do it this command would be useless.

But you are right the link you posted had this words saying "to recover a device...." but the same document says if you issue the "no service password-recovery" there is no way to get in ROMMON. So it's difficul to say which one is right


This Discussion