[c-nsp] Deactive password recovery feature

Ted Mittelstaedt tedm at toybox.placo.com
Tue Aug 2 14:16:29 EDT 2005


It also doesen't work.  At least, it doesen't work with the stated goal
of deactivating password recovery.  It does work with the stated goal of
deactivating password recovery for idiots.

>From the URL that you cited:

"To recover a device once the No Service Password-Recovery feature has
been enabled, press the Break key within 5 seconds after the image
decompresses during the boot"

Now, if the goal is to prevent someone from reading your startup
configuration, then yes, this does work - because the startup-config
is erased if you do the break key within 5 seconds and confirm it.

And if the goal is to keep low-grade morons out of your router by
pulling the break during boot procedure, then yes, it does work.

But if the goal is to render the router inoperable if you get hit
by a bus and your the only one who knows the password for the router,
or your getting fired tomorrow and you want to screw your employer
on the way out, then no, Cisco has more compassion for the administrators
who are going to be stuck with this device after your gone, than
you do.

Ted

>-----Original Message-----
>From: cisco-nsp-bounces at puck.nether.net
>[mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of David Freedman
>Sent: Tuesday, August 02, 2005 7:53 AM
>To: cisco-nsp at puck.nether.net
>Subject: Re: [c-nsp] Deactive password recovery feature
>
>
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/
>123newft/123limit/123y/123ya8/ftnsvpwd.htm
>
>This has been in previous releases but has been hidden.
>
>I believe its hardware dependant.
>
>Dave.
>
>
>Adell Shahini wrote:
>> In the name of God
>> Hi Dear
>> Any one can help me how I can deactive password recovery on
>cisco routers .
>>
>> (Can I solve this problem via Config-register ? )
>>
>>
>> Best Regards .
>>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>



More information about the cisco-nsp mailing list