[j-nsp] password recovery procedure in JunOS
Johnson, Matthew (Matthew)
johnsonm at lucent.com
Thu Mar 23 05:47:40 EST 2006
I have not used this procedure from the juniper website.
Check the knowledge base procedure.
How to recover root password for JUNOS versions 4.X or above (KB ID: KB1972)
For routers running JUNOS 4.X.
Obtain console access
Power of the system and boot it up in single user mode. This is done by typing "-s" at the boot: prompt.
>> BOOT @ 0x10000: 639/64512 k of memory, serial/dual console
Boot default: 0:wd(0,a)kernel
Usage: bios_drive:interface(unit,partition)kernel_name options
interface fd, wd or sd
unit 0, 1, ...
partition a, c, ...
kernel_name name of kernel, or ? for list of files in root directory
options -c (userconfig) -s (single user) -v (verbose)
-D (dual consoles) -h (alternate console) -P (probe kbd)
boot: -s <====== Type "-s"
Next, the system will do it's normal bootup process. When prompted for "pathname" enter:
/usr/libexec/ui/recovery-mode
This will run a script for PW recovery.
Enter pathname of shell or RETURN for sh: /usr/libexec/ui/recovery-mode
The system will finish booting up and put you at a "root>" prompt as such.
...
...
NOTE: the system
Starting CLI ...
root>
Now you can go into configuration mode and edit or delete the root authentication password.
root> configure
Entering configuration mode
[edit]
root# delete system root-authentication
[edit]
root# commit and-quit
commit complete
Exiting configuration mode
Finally, reboot system.
root at congo3> request system reboot
Reboot the system ? [yes,no] (no) yes
For routers running JUNOS 5.X and above
>From console, interrupt the boot routine:
Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 9 seconds...
< Press the space bar at this point >
Enter into single-user mode:
Type '?' for a list of commands, 'help' for more detailed help.
ok boot 's
Enter the shell:
System watchdog timer disabled
Jan 1 00:36:47 init: /etc/spwd.db: No such file or directory
Enter full pathname of shell or RETURN for /bin/sh:
Mount the virtual file systems (for JUNOS 5.4 and above, it is not necessary to mount the jbase package, however the other packages still need to be mounted):
NOTE: to go to multi-user operation, exit the single-user shell (with ^D)
# cd /packages
# ./mount.jbase
Mounted jbase package on /dev/vn1...
# ./mount.jkernel
Mounted jkernel package on /dev/vn2...
# ./mount.jroute
Mounted jroute package on /dev/vn3...
Enter recovery mode:
# /usr/libexec/ui/recovery-mode
Enter configuration mode and either delete or change the root authentication password:
root> configure
Entering configuration mode
[edit]
root# delete system root-authentication
Commit the changes, and exit configuration mode
[edit]
root # commit
commit complete
[edit]
root at router# exit
Exiting configuration mode
root at router> exit
Exit recovery mode and enter 'y' when prompted to reboot the system:
Reboot the system? [y/n] y
Terminated
The system now reboots and changes made to root authentication are activated.
Regards
MLJ
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of ulisses
Sent: 22 March 2006 21:31
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] password recovery procedure in JunOS
Hi all
I found that there is no documented password recovery on Juniper's site...
Am I right? why it is not available? customer care? }:-)
the only documentation I found is a message sent twice to this mailing list:
http://puck.nether.net/lists/cisco-nsp/10457.html
http://puck.nether.net/lists/cisco-nsp/7233.html
Thanks in advance
regards
Ulisses
PD: please Cc: your replies to me
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net http://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list