交换机的密码恢复比较特殊点,交换机里是没有寄存器值这个概念的。路由器中才有,所以就和路由器密码恢复就不一样了。在交换机里只要把配置保存了。下次交换机启动的时候就会载如配置位置。交换机里的配置文件是保存在config.text里的。交换机每次启动的时候都去寻找一下看能不能找到这个文件找到了就载入。所以我们这里密码恢复的核心就是把这个配置文件给他做个重命名,让交换机找不到这个文件。
Catalyst交换机启动后进入用户模式发现有ENABLE密码,无法进入特权模式,怎么解决?(2900XL)
如下图:
Press RETURN to get started!
C2900XL INIT: Complete
00:00:21: %SYS-5-CONFIG: Configured from NVRAM by console
00:00:23: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.3)WC(1), MAINTENANCE INTERIM SOFTWARE
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Mon 30-Apr-01 07:34 by devgoyal
Switch>en
Password:
% Password: timeout expired!
阶段一: 重新加电(由于无法进入特权模式,只能拔插头罗),在POST阶段按住MODE键/CTRL+BREAK 发起中断,进入ROM MONITOR模式。时间只有几十秒哦!
如下图:
C2900XL Boot Loader (C2900-HBOOT-M) Version 12.0(5.2)XU, MAINTENANCE INTERIM SOFTWARE
Compiled Mon 17-Jul-00 18:19 by ayounes
starting...
Base ethernet MAC Address: 00:04:4d:d6:b0:40
Xmodem file system is available.
The system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
flash_init
load_helper
boot
switch:
阶段二:系统提示可以通过FLASH_INIT/LOAD_HELPER/BOOT等命令重新手工完成FLASHfs的初始化与加载。这对于之后修改配置文件是必要的。
如下图:
switch: dir
List of filesystems currently registered:
flash[0]: (read-write)
xmodem[1]: (read-only)
null[2]: (read-write)
switch: dir flash:
unable to stat flash:/: invalid argument
switch: set
switch: flash_init (中断造成FLASHfs并未初始化,此命令完成初始化)
Initializing Flash...
flashfs[0]: 201 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 3612672
flashfs[0]: Bytes used: 3339264
flashfs[0]: Bytes available: 273408
flashfs[0]: flashfs fsck took 10 seconds.
...done Initializing Flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
switch: load_helper (加载帮助镜像,为此模式下的命令提供描述。此命令为可选项)
switch: dir
List of filesystems currently registered:
flash[0]: (read-write)
xmodem[1]: (read-only)
null[2]: (read-write)
bs[3]: (read-only)
switch: dir flash:
Directory of flash:/
2 -rwx 111 <date> info
3 -rwx 105970 <date> c2900XL-diag-mz-120.5.2-XU
4 drwx 12544 <date> html
111 -rwx 1750311 <date> c2900XL-c3h2s-mz.120-5.3.WC.1.bin
204 -rwx 668 <date> config.text (我们的配置保存在此文件中)
202 -rwx 111 <date> info.ver
203 -rwx 348 <date> env_vars
273408 bytes available (3339264 bytes used)
switch: set
BOOT=flash:c2900XL-c3h2s-mz.120-5.3.WC.1.bin
BST_TRAIL=500
ENABLE_BREAK=yes
MAC_ADDR=00:04:4D:D6:B0:40
MODEL_NUM=WS-C2912-XL-EN
MODEL_REVISION_NUM=A0
MOTHERBOARD_ASSEMBLY_NUM=73-3397-08
MOTHERBOARD_REVISION_NUM=C0
MOTHERBOARD_SERIAL_NUM=FAB0446141M
POWER_SUPPLY_PART_NUM=34-0834-01
POWER_SUPPLY_SERIAL_NUM=DAB04283J87
SYSTEM_SERIAL_NUM=FAB0447T12M
switch: rename flash:config.text flash:edify.txt (对配置文件进行重命名,使配置在启动时无法正常加载,同时也保留了配置)
switch: dir flash:
Directory of flash:/
2 -rwx 111 <date> info
3 -rwx 105970 <date> c2900XL-diag-mz-120.5.2-XU
4 drwx 12544 <date> html
111 -rwx 1750311 <date> c2900XL-c3h2s-mz.120-5.3.WC.1.bin
204 -rwx 668 <date> edify.txt
202 -rwx 111 <date> info.ver
203 -rwx 348 <date> env_vars
273408 bytes available (3339264 bytes used)
switch: boot (加载已经初始化完毕的FLASHfs)
Loading "flash:c2900XL-c3h2s-mz.120-5.3.WC.1.bin"...#################################
<省略>
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n
Press RETURN to get started.
Switch>en
Switch#
阶段三:发现没有提示输入ENABLE口令,正
常进入特权模式。手动加载配置,删除密码,将删除密码后的配置保存到NVRAM。
如下图:
Switch#sh start
%% Non-volatile configuration memory is not present
Switch#dir
Directory of flash:/
2 -rwx 111 Mar 01 1993 00:07:48 info
3 -rwx 105970 Jul 18 2000 01:26:29 c2900XL-diag-mz-120.5.2-XU
4 drwx 12544 Mar 01 1993 02:29:42 html
111 -rwx 1750311 Mar 01 1993 00:08:59 c2900XL-c3h2s-mz.120-5.3.WC.1.bin
204 -rwx 668 Mar 01 1993 00:11:22 edify.txt
202 -rwx 111 Mar 01 1993 00:10:23 info.ver
203 -rwx 348 Jan 01 1970 00:05:46 env_vars
3612672 bytes total (273408 bytes free)
Switch#copy ruhua.txt run (将先前的配置加载到RUNNING-CONFIG中)
Destination filename [running-config]?
668 bytes copied in 1.290 secs (668 bytes/sec)
Switch#
00:08:26: %SYS-5-CONFIG: Configured from by
Switch#sh ru
Building configuration...
Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
enable password cisco
!
!
!
!
!
!
ip subnet-zero
<省略>
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#no enable pass (删除ENABLE密码)
Switch(config)#end
Switch#wr (保存配置到NVRAM)
Building configuration...
00:08:50: %SYS-5-CONFIG_I: Configured from console by console[OK]
Switch#sh start
Using 673 out of 32768 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
! (发现NVRAM配置中已经不包含ENABLE密码了)
!
!
ip subnet-zero
<省略>
Switch#sh flash
Directory of flash:/
2 -rwx 111 Mar 01 1993 00:07:48 info
3 -rwx 105970 Jul 18 2000 01:26:29 c2900XL-diag-mz-120.5.2-XU
4 drwx 12544 Mar 01 1993 02:29:42 html
111 -rwx 1750311 Mar 01 1993 00:08:59 c2900XL-c3h2s-mz.120-5.3.WC.1.bin
204 -rwx 668 Mar 01 1993 00:11:22 ruhua.txt
202 -rwx 111 Mar 01 1993 00:10:23 info.ver
203 -rwx 348 Jan 01 1970 00:05:46 env_vars
205 -rwx 673 Mar 01 1993 00:08:53 config.text
3612672 bytes total (272384 bytes free)
Switch#del edify.txt (删除已经无用的重命名配置文件)
Delete filename [edify.txt]?
Delete flash:ruhua.txt? [confirm]
Switch#sh flash
Directory of flash:/
2 -rwx 111 Mar 01 1993 00:07:48 info
3 -rwx 105970 Jul 18 2000 01:26:29 c2900XL-diag-mz-120.5.2-XU
4 drwx 12544 Mar 01 1993 02:29:42 html
111 -rwx 1750311 Mar 01 1993 00:08:59 c2900XL-c3h2s-mz.120-5.3.WC.1.bin
202 -rwx 111 Mar 01 1993 00:10:23 info.ver
203 -rwx 348 Jan 01 1970 00:05:46 env_vars
205 -rwx 673 Mar 01 1993 00:08:53 config.text
3612672 bytes total (273408 bytes free)
只要大家理解交换机工作原理就明白的!!
现在就结束了。把这个发到网上,一是和大家分享,二是怕自己以后忘记!!
