思科uBR7100、uBR7200和uBR10000通用寬頻路由器的口令恢復過程

簡介

本檔案將說明如何復原使能密碼和使能密碼。這些密碼可保護對特權執行模式和配置模式的訪問。enable password可以恢復，但enable secret密碼已加密，並且必須用新密碼替換。使用本文檔中介紹的過程來替換使能密碼。

必要條件

需求

本文件沒有特定需求。

採用元件

本檔案中的資訊是根據以下硬體版本：

• uBR7100通用寬頻路由器

• uBR7200通用寬頻路由器

• uBR10000通用寬頻路由器

本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除（預設）的組態來啟動。如果您的網路正在作用，請確保您已瞭解任何指令可能造成的影響。

相關產品

有關如何恢復相關產品密碼的資訊，請參閱密碼恢復過程。

慣例

如需檔案慣例的相關資訊，請參閱思科技術提示慣例。

逐步程序

請依照以下步驟操作，以復原密碼：

1. 將終端機或具有終端模擬的PC連線到路由器的控制檯埠。

   使用以下終端機設定：

   • 9600波特率

   • 無奇偶校驗

   • 8個資料位

   • 1停止位

   • 無流量控制

   有關如何將終端機連線到主控台連線埠或AUX連線埠的電纜和連線方式，請參閱以下檔案：

   • 控制檯和AUX埠佈線指南

   • 將終端機連接至 Catalyst 交換器的主控台連接埠

   • 將終端機連線到Catalyst 2948G-L3、4908G-L3和4840G系列交換器

2. 如果可以訪問路由器，請在提示符下鍵入show version，然後記錄配置暫存器設定。請參閱密碼復原程式範例以檢視show version命令的輸出

   注意：配置暫存器通常設定為0x2102或0x102。如果由於登入或TACACS密碼丟失而無法再訪問路由器，則可以安全地假設配置暫存器設定為0x2102。

3. 使用電源開關關閉路由器，然後重新開啟路由器。

   重要附註：

   • 要在Cisco 6400上模擬此步驟，請拔出並插入節點路由處理器(NRP)或節點交換處理器(NSP)卡。

   • 要在帶有NI-2的Cisco 6x00上模擬此步驟，請拔出並插入NI-2卡。

4. 在通電後60秒內按終端鍵盤上的Break，將路由器進入ROMMON模式。

   如果Break按鍵順序不起作用，請參閱密碼復原期間的標準Break按鍵順序組合以瞭解其他按鍵組合。

5. 在rommon 1>提示符下鍵入confreg 0x2142，以便從快閃記憶體啟動。

   此步驟繞過儲存密碼的啟動組態。

6. 在rommon 2>提示符下鍵入reset。

   路由器重新啟動，但忽略儲存的配置。

7. 在每個設定問題後鍵入no，或按Ctrl-C以跳過初始設定過程。

8. 在Router>提示時鍵入enable。

   您處於啟用模式，應該會看到Router#提示。

9. 輸入configure memory或copy startup-config running-config，將非揮發性RAM(NVRAM)複製到記憶體中。

   重要事項：請勿輸入copy running-config startup-config或write。這些命令會清除啟動配置。

10. 鍵入show running-config。

    show running-config命令會顯示路由器的配置。在此配置中，shutdown命令出現在所有介面下，表示所有介面當前都已關閉。此外，口令（使能口令、使能加密口令、vty口令、控制檯口令）採用加密格式或未加密格式。您可以重複使用未加密的密碼。您必須將加密密碼更改為新密碼。

11. 鍵入configure terminal。

    出現hostname(config)#提示。

12. 輸入enable secret <password>以更改enable secret密碼。例如：

    hostname(config)#enable secret cisco
    
    

13. 在您使用的每個介面上發出no shutdown命令。

    如果您發出show ip interface brief命令，則您要使用的每個介面都應顯示up up。

14. 輸入config-register <configuration_register_setting>。其中configuration_register_setting是在步驟2中記錄的值或0x2102。例如：

    hostname(config)#config-register 0x2102
    
    

15. 按Ctrl-z或end以離開配置模式。

    出現hostname#提示。

16. 輸入write memory或copy running-config startup-config以提交更改。

密碼復原程式範例

本節提供了一個口令恢復過程的示例。此示例是使用Cisco 2600系列路由器建立的。即使您未使用Cisco 2600系列路由器，此輸出仍會提供您應該在產品上體驗的示例。

Router>enable
Password:
Password:
Password:
% Bad secrets

Router>show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0x80008088, data-base: 0x80C524F8

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Router uptime is 3 minutes
System returned to ROM by abort at PC 0x802D0B60
System image file is "flash:c2600-is-mz.120-7.T"

cisco 2611 (MPC860) processor (revision 0x202) with 26624K/6144K bytes of memory.
Processor board ID JAB031202NK (3878188963)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)

Configuration register is 0x2102

Router>



!--- The router was just powercycled, and during bootup a !--- break sequence was sent to the router.


!

*** System received an abort due to Break Key ***

signal= 0x3, code= 0x500, context= 0x813ac158
PC = 0x802d0b60, Vector = 0x500, SP = 0x80006030
rommon 1 > confreg 0x2142

You must reset or power cycle for new config to take effect

rommon 2 > reset

System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info
C2600 platform with 32768 Kbytes of main memory


program load complete, entry point: 0x80008000, size: 0x6fdb4c

Self decompressing the image : ###############################
##############################################################
##############################################################
##############################################################
############################### [OK]


 Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

 cisco Systems, Inc.
 170 West Tasman Drive
 San Jose, California 95134-1706

Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0x80008088, data-base: 0x80C524F8

cisco 2611 (MPC860) processor (revision 0x202) with 26624K/6144K bytes of memory.
Processor board ID JAB031202NK (3878188963)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)


 --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n

Press RETURN to get started!

00:00:19: %LINK-3-UPDOWN: Interface BRI0/0, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface Ethernet0/1, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
00:00:19: %LINK-3-UPDOWN: Interface Serial0/1, changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0, 
changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0,
 changed state to up
Router>
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1, 
changed state to up
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, 
changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, 
changed state to down
00:00:50: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
00:00:50: %LINK-5-CHANGED: Interface BRI0/0, 
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Ethernet0/0, 
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Serial0/0, 
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Ethernet0/1, 
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Serial0/1, 
changed state to administratively down
00:00:53: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, 
changed state to down
00:00:53: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1, 
changed state to down
Router>
Router>enable
Router#copy startup-config running-config
Destination filename [running-config]?
1324 bytes copied in 2.35 secs (662 bytes/sec)
Router#
00:01:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1, 
changed state to down
00:01:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:2, 
changed state to down
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret < password >
Router(config)#^Z
00:01:54: %SYS-5-CONFIG_I: Configured from console by console
Router#show ip interface brief

Interface   IP-Address        OK?  Method     Status                   Protocol
Ethernet0/0 10.200.40.37      YES  TFTP       administratively down    down
Serial0/0   unassigned        YES  TFTP       administratively down    down
BRI0/0      193.251.121.157   YES  unset      administratively down    down
BRI0/0:1    unassigned        YES  unset      administratively down    down
BRI0/0:2    unassigned        YES  unset      administratively down    down
Ethernet0/1 unassigned        YES  TFTP       administratively down    down
Serial0/1   unassigned        YES  TFTP       administratively down    down
Loopback0   193.251.121.157   YES  TFTP       up                       up
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface Ethernet0/0
Router(config-if)#no shutdown
Router(config-if)#
00:02:14: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
00:02:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, 
changed state to up
Router(config-if)#interface BRI0/0
Router(config-if)#no shutdown
Router(config-if)#
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0:2, changed state to down
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0, changed state to up
00:02:115964116991: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0/0, 
TEI 68 changed to up
Router(config-if)#^Z
Router#
00:02:35: %SYS-5-CONFIG_I: Configured from console by console
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0x80008088, data-base: 0x80C524F8

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Router uptime is 3 minutes
System returned to ROM by abort at PC 0x802D0B60
System image file is "flash:c2600-is-mz.120-7.T"

cisco 2611 (MPC860) processor (revision 0x202) 
with 26624K/6144K bytes of memory.
Processor board ID JAB031202NK (3878188963)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)

Configuration register is 0x2142

Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#config-register 0x2102
Router(config)#^Z
00:03:20: %SYS-5-CONFIG_I: Configured from console by console

Router#show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0x80008088, data-base: 0x80C524F8

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Router uptime is 3 minutes
System returned to ROM by abort at PC 0x802D0B60
System image file is "flash:c2600-is-mz.120-7.T"

cisco 2611 (MPC860) processor (revision 0x202) 
with 26624K/6144K bytes of memory.
Processor board ID JAB031202NK (3878188963)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.

2 Ethernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)

Configuration register is 0x2142 (will be 0x2102 at next reload)

Router#

相關資訊

• 密碼復原程序
• 控制檯和AUX埠佈線指南
• 將終端機連接至 Catalyst 交換器的主控台連接埠
• 將終端機連線到Catalyst 2948G-L3、4908G-L3和4840G系列交換器
• 密碼復原期間的標準Break按鍵順序組合
• 技術支援 - Cisco Systems