Router Password Recovery Procedure

Answered Question
Apr 8th, 2012
User Badges:
  • Blue, 1500 points or more

hi all,


i just wanna know if it's possible to perform a router password recovery using the reload command and then issue the break sequence instead of doing an off/on on the power switch. i often find in the docs to use the latter.


also, is there a way to retain the startup-config on a router when we re-enable the password recovery functionality (no service password-recovery). i've just tried this on one of our 877 and when i hit the break sequence, it went back to factory default setting.



System Bootstrap, Version 12.3(8r)YI3, RELEASE SOFTWARE

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 2006 by cisco Systems, Inc.


C870 series (Board ID: 1-148) platform with 131072 Kbytes of main memory


PASSWORD RECOVERY FUNCTIONALITY IS DISABLED

Booting flash:/c870-advsecurityk9-mz.124-9.T1.bin

Self decompressing the image :


#################################################################################


######### [OK]


-----


Username: cisco

Password:

yourname#

Correct Answer by Leo Laohoo about 4 years 11 months ago
 i've just tried this on one of our 877 and when i hit the break sequence, it went back to factory default setting.

Not it won't.  Someone must've hit the "Reset" button when you did the power reboot.

Correct Answer by Jeff Van Houten about 4 years 11 months ago

If you are attempting to disallow password recovery, then you cannot recover the startup-config. The point of no service password-recovery is to keep your configs private even if someone has physical access to the device. I believe the STRONG recommendation in the documentation associated with this command is to keep a backup of your configs.


Sent from Cisco Technical Support iPad App

Correct Answer by Reza Sharifi about 4 years 11 months ago

Hi John,


In order to do a password recovery, you have to console to the router.  Once you are consoled to the router, as Roman noted, you can power cycle or reload.

regarding your section question, if you have enabled "no service password-recovery" than you can't recover the start-up config.  You can only reset to factory default.


http://www.cisco.com/en/US/products/hw/routers/ps274/products_configuration_example09186a00801d8113.shtml


HTH

Correct Answer by Roman Rodichev about 4 years 11 months ago

if you don't know router's password and can't get into it, how can you issue reload command? Otherwise, issuing reload and power cycling can both be used for password recovery.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
Loading.
Correct Answer
Roman Rodichev Sun, 04/08/2012 - 08:05
User Badges:
  • Gold, 750 points or more

if you don't know router's password and can't get into it, how can you issue reload command? Otherwise, issuing reload and power cycling can both be used for password recovery.

Correct Answer
Jeff Van Houten Sun, 04/08/2012 - 08:35
User Badges:
  • Silver, 250 points or more

If you are attempting to disallow password recovery, then you cannot recover the startup-config. The point of no service password-recovery is to keep your configs private even if someone has physical access to the device. I believe the STRONG recommendation in the documentation associated with this command is to keep a backup of your configs.


Sent from Cisco Technical Support iPad App

johnlloyd_13 Sun, 04/08/2012 - 16:29
User Badges:
  • Blue, 1500 points or more

Hi Roman,


Thanks for pointing that out! I've forgotten you'll need to be in privileged mode in order to do that.


Sent from Cisco Technical Support iPhone App

Correct Answer
Reza Sharifi Sun, 04/08/2012 - 08:33
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi John,


In order to do a password recovery, you have to console to the router.  Once you are consoled to the router, as Roman noted, you can power cycle or reload.

regarding your section question, if you have enabled "no service password-recovery" than you can't recover the start-up config.  You can only reset to factory default.


http://www.cisco.com/en/US/products/hw/routers/ps274/products_configuration_example09186a00801d8113.shtml


HTH

Correct Answer
Leo Laohoo Sun, 04/08/2012 - 16:14
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

 i've just tried this on one of our 877 and when i hit the break sequence, it went back to factory default setting.

Not it won't.  Someone must've hit the "Reset" button when you did the power reboot.

johnlloyd_13 Sun, 04/08/2012 - 16:33
User Badges:
  • Blue, 1500 points or more

Hey Leo,


I guess you're right. I've actually pressed the reset button a few times before the break sequence. I've read somewhere that hitting the break sequence would re-enable password recovery.


Appreciate everyone's feedback! Cheers!


Sent from Cisco Technical Support iPhone App

Leo Laohoo Mon, 04/09/2012 - 15:28
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Thanks for the ratings John.

Actions

This Discussion

Related Content