Поиск по этому блогу

03.05.2011

Сброс пароля в SRX

KB17565 описывает одну особенность при сбросе пароля root в SRX, а именно необходимость команды watchdog disable. Главное на радостях не забыть включить watchdog обратно.



Solution:
To resolve the issue, use the following procedure to recover the root password for SRX Branch devices running on Junos version 10.0R1 or later. This involves disabling watchdog functionality to allow the system to properly boot into single-user mode.


1. Press the power button on the front panel to power on the router. Verify that the POWER LED on the front panel turns green. The console should continuously display the boot message.
2. When the following prompt appears, press the spacebar to access the router’s bootstrap loader and type in the following commands:

Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [kernel] in 9 seconds...

Loader>
Loader> watchdog disable
Loader> boot –s

3. Now the firewall will start up in single-user mode.
4. At the following prompt, enter "recovery" to start the root password recovery procedure.

System watchdog timer disabled
Enter full pathname of shell or 'recovery' for root password recovery or RETURN for /bin/sh: recovery

5. The device will directly enter operational mode without asking for any user ID or password..

Starting CLI ...
root@host> edit

6. Once in configuration mode, set the root password. For example:

root@host# set system root-authentication plain-text-password

7. On pressing the return key, type in the new root password. Reenter the new root password when the second prompt appears. For example:

New password: juniper1
Retype new password: juniper1

8. Commit the changes.

root@host# commit
commit complete

9. Reboot the device again, for example:

root@host# run request system reboot
Reboot the system ? [yes,no] (no) yes

The boot messages will display on the console.

10. Press the spacebar once again, to access the router’s bootstrap loader prompt, when the following sequence appears on the console:

Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [kernel] in 9 seconds...

Loader>
Loader> watchdog enable
Loader> boot

11. The device will boot again and at this instance will ask for a user name and password. Enter the newly configured password.

Wed Jun 16 14:20:21 UTC 2010
Amnesiac (ttyu0)
login: root
Password: juniper1