The Password Recovery Process

There are two password recovery procedures. They involve the following basic steps:

Step 1. Configure the router to boot up without reading the configuration memory (NVRAM). This is sometimes called test system mode.

Step 2. Reboot the system.

Step 3. Access enable mode (this can be done without a password if you are in test system mode).

Step 4. View or change the password, or erase the configuration.

Step 5. Reconfigure the router to boot up and read the configuration in NVRAM as it normally does.

Step 6. Reboot the system.

NOTE

Some password recovery requires that a console terminal issue a Break signal, so you must be familiar with how your terminal or PC terminal emulator issues this signal. For example, ProComm uses the keys Alt-B by default to generate the Break signal. Windows HyperTerminal requires that you press Ctrl-Break.

The HyperTerminal program that ships on Microsoft platforms might not send a Break signal with the Ctrl-Break sequence for all platforms (for example, Windows NT 4 and Windows 2000). To have HyperTerminal send the proper Break sequence, you should upgrade to Private Edition. You can obtain HyperTerminal Private Edition from Hilgraeve at http://www.hilgraeve.com/htpe/index.html.


Password Recovery Procedure 1

Use this first password recovery procedure to recover lost passwords on the following Cisco routers:

  • Cisco 2000 series

  • Cisco 2500 series

  • Cisco 3000 series

  • Cisco 4000 series with 680x0 Motorola CPU

  • Cisco 7000 series running Cisco IOS Software Release 10.0 or later in ROMs installed on the RP card. The router can be booting Cisco IOS Software Release 10.0 in Flash memory, but it needs the actual ROMs on the processor card, too.

  • IGS series running Cisco IOS Software Release 9.1 or later in ROMs

To recover an enable password using Procedure 1, follow these steps:

Step 1. Attach a terminal or PC with terminal emulation software to the router's console port, and issue the command show version.

The configuration register value is on the last line of the display, as shown in Example D-1.

Example D-1 show version Command Output
 wg_ro_a# show version
 Cisco Internetwork Operating System Software
 IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(3), RELEASE SOFTWARE (fc1)
 Copyright (c) 1986-1999 by Cisco Systems, Inc.
 Compiled Mon 08-Feb-99 18:18 by phanguye
 Image text-base: 0x03050C84, data-base: 0x00001000
 ROM: System Bootstrap, Version 11.0(10c), SOFTWARE
 BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFTWARE (fc1)
 wg_ro_a uptime is 20 minutes
 System restarted by reload
 System image file is "flash:c2500-js-l_120-3.bin"
 --More--
 Configuration register is 0x2102

The factory default configuration register value is typically 0x2102. Copy this value. You will need it again later during the process.

NOTE

The bits of the configuration register are explained in greater detail in Appendix E, "Configuration Register Settings."

Turn off the router, and then turn it back on.

Step 2. Press the Break key on the terminal within 60 seconds of turning on the router.

The > prompt with no router name appears. If the prompt does not appear, the terminal is not sending the correct Break signal. In that case, check the terminal or terminal emulation setup. To view the current configuration register, you can type in the value e/s 2000002 or the letter o.

NOTE

The number that references the location of the configuration register might change from platform to platform. Check your specific product documentation for the exact number to be used.

Step 3. Enter o/r 0x2142 at the > prompt to boot from Flash memory or o/r 0x2141 to boot an IOS subset image from the boot ROMs.

NOTE

The setting 0x2141 works only for devices that have boot ROM chips with an IOS subset. The Cisco 3600 series routers do not have subset images in boot ROM chips. A setting of 0x2141 on that device puts you in Rommon mode.

NOTE

In o/r, the first character before the slash is the letter o, not the numeral zero. If you have Flash memory and it is intact, 0x2142 is the best setting. Use 0x2141 only if the Flash memory is erased or not installed.

Step 4. At the > prompt, enter the initialize command or just i to initialize the router.

This causes the router to reboot but ignore its saved configuration. The system configuration display appears.

NOTE

If you normally use the boot network command, or if you have multiple images in Flash memory and you boot a nondefault image, the image in Flash might be different.

Step 5. Enter no in response to the System Configuration dialog prompts until the following message appears:

 Press RETURN to get started! 
Step 6. Press Return.

The Router> prompt appears.

Step 7. Enter the enable command.

The Router# prompt appears.

Step 8. Choose one of the following options:

To view the password, if it is not encrypted, enter the show startup-config command.

To change the password (if it is encrypted, for example), enter the following commands:

 Router# copy startup-config running-config
 Router# configure terminal
 Router(config)# enable secret 1234abcd

Step 9. Because ignoring the NVRAM and choosing to abort the setup would leave all interfaces in the shutdown state, it is important to enable all interfaces with the no shutdown command as follows:

 Router(config)# interface ethernet 0
 Router(config-if)# no shutdown

Step 10. Save your new password with the following commands:

 Router(config-if)# ctrl-z
 Router# copy running-config startup-config

NOTE

The enable secret command provides increased security by storing the enable secret password using a nonreversible cryptographic function; however, you cannot recover a lost password that has been encrypted.

Step 11. Enter the configure terminal command at the EXEC prompt to enter configuration mode.

Step 12. Enter the config-register command and the original value you recorded in Step 1.

Step 13. Press Ctrl-Z to quit the configuration editor.

Step 14. Enter the reload command at the privileged EXEC prompt.

NOTE

Every time you enter configuration mode on a router, a flag is set to check and make sure configurations have been saved before the router is reloaded. When you change the configuration register, there is no need to save the configuration, but the router prompts you to do so when you issue a reload. Answer no when asked if you want to save the configuration.


Password Recovery Procedure 2

Use this second instance of the password recovery procedure to recover lost passwords on the following Cisco routers:

  • Cisco 1003

  • Cisco 1600 series

  • Cisco 2600 series

  • Cisco 3600 series

  • Cisco 4500 series

  • Cisco 7200 series

  • Cisco 7500 series

  • IDT Orion-based routers

  • AS5200 and AS5300 platforms

To recover a password using Procedure 2, follow these steps:

Step 1. Attach a terminal or PC with terminal emulation software to the router's console port, and issue the show version command.

The configuration register value is on the last line of the display, as shown in Example D-1.

The factory default configuration register value is 0x2102.

Step 2. Turn off the router, and then turn it back on.

Step 3. Press the Break key on the terminal within 60 seconds of turning on the router.

The rommon> prompt appears. If it does not appear, the terminal is not sending the correct Break signal. In that case, check the terminal or terminal emulation setup.

Step 4. Enter the confreg command at the rommon> prompt. Record the current value of the virtual configuration register as it is output from this command.

The following prompt appears:

 Do you wish to change configuration[y/n]? 
Step 5. Enter yes and press Return.

Step 6. Accept the default answers to subsequent questions until the following prompt appears:

 ignore system config info[y/n]? 
Step 7. Enter yes.

Step 8. Enter no to subsequent questions until the following prompt appears:

 change boot characteristics[y/n]? 
Step 9. Enter yes.

The following prompt appears:

 enter to boot: 
Step 10. At this prompt, either enter 2 and press Return if you have Flash memory or, if Flash memory is erased, enter 1 and press Return.

A configuration summary is displayed, and the following prompt appears:

 Do you wish to change configuration[y/n]? 
Step 11. Answer no and press Return.

The following prompt appears:

 rommon> 

NOTE

Note that you can shorten Steps 4 through 11 by issuing the command confreg 0x2142 at the rommon> prompt.

Step 12. Enter the reset command at the privileged rommon> prompt, or power-cycle the router.

Step 13. As the router boots, enter no to all the setup questions until the following prompt appears:

 Router> 
Step 14. Enter the enable command to enter enable mode.

The Router# prompt appears.

Step 15. Choose one of the following options:

To view the password, if it is not encrypted, enter the show startup-config command.

To change the password (if it is encrypted, for example), enter the following commands:

 Router# copy startup-config running-config
 Router# configure terminal
 Router(config)# enable secret 1234abcd

Step 16. Because ignoring the NVRAM and choosing to abort setup would leave all interfaces in the shutdown state, it is important to enable all interfaces with the no shutdown command, as demonstrated here:

 Router(config)# interface ethernet 0/0
 Router(config-if)# no shutdown

Step 17. Save your new password with the following commands:

 Router(config-if)# ctrl-z
 Router# copy running-config startup-config

NOTE

The enable secret command provides increased security by storing the enable secret password using a nonreversible cryptographic function; however, you cannot recover a lost password that has been encrypted.

Step 18. Enter the configure terminal command at the prompt.

Step 19. Enter the config-register command and the original value you recorded in Step 2.

Step 20. Press Ctrl-Z to quit the configuration editor.

Step 21. Enter the reload command at the prompt.

NOTE

Every time you enter configuration mode on a router, a flag is set to check and make sure configurations have been saved before the router is reloaded. When you change the configuration register, there is no need to save the configuration, but the router prompts you to do so when you issue a reload. Answer no when asked if you want to save the configuration.
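
Both procedures end by restoring the configuration register; a router left at 0x2142 or 0x2141 keeps booting without the configuration in NVRAM. The Python check below is an added example, not from the book: it reads show version output and reports a register that will still ignore NVRAM at the next boot. The function names and sample lines are constructed, and the bit meanings and the "(will be ... at next reload)" suffix are assumed from standard Cisco IOS behavior.

```python
import re

IGNORE_NVRAM = 0x0040  # bit 6: boot without loading the configuration in NVRAM
BOOT_FIELD = 0x000F    # bits 0-3: 0 = ROM monitor, 1 = boot ROM image, 2-F = normal

# Matches the last line of "show version", including the pending-change form.
REG_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

def parse_register(show_version):
    """Return (current, pending); pending is None when no change is queued."""
    m = REG_LINE.search(show_version)
    if m is None:
        raise ValueError("no configuration register line found")
    pending = int(m.group(2), 16) if m.group(2) else None
    return int(m.group(1), 16), pending

def audit(show_version, baseline=0x2102):
    """Report problems with the register value that applies at the next boot."""
    current, pending = parse_register(show_version)
    effective = current if pending is None else pending
    findings = []
    if effective & IGNORE_NVRAM:
        findings.append("bit 6 set: next boot skips NVRAM, enable mode needs no password")
    boot = effective & BOOT_FIELD
    if boot == 0:
        findings.append("boot field 0: router stops at the ROM monitor")
    elif boot == 1:
        findings.append("boot field 1: router loads the boot ROM image")
    if effective != baseline:
        findings.append(f"0x{effective:04x} differs from recorded 0x{baseline:04x}")
    return findings

# Constructed sample lines, not captured from a real device.
RESTORED = "Configuration register is 0x2102"
LEFT_IN_RECOVERY = "Configuration register is 0x2142"
RESTORE_QUEUED = "Configuration register is 0x2142 (will be 0x2102 at next reload)"

if __name__ == "__main__":
    for sample in (RESTORED, LEFT_IN_RECOVERY, RESTORE_QUEUED):
        print(sample, "->", audit(sample) or "ok")
```

Pass the value you recorded in Step 1 as baseline if the router does not use 0x2102.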



Cisco Field Manual: Router Configuration
ISBN: 1587050242
EAN: N/A
Year: 2005
Pages: 185