How to Recovering the huawei switch S6720 Console Port Login Password

Telecommunications

If you loss you huawei sweitch S6720 console port login password,what should you do, then let me tell you.

Three methods are provided to recover the console port login password.

  • Method 1: Log in to the device using STelnet/Telnet and change the console port login password.
  • Method 2: Clear the console login password in BootROM and change the console port login password.
  • Method 3: Clear the startup configuration file in BootROM, start the device with no configuration, and change the console port login password.

NOTE:

  1. Method 1 is recommended. If you forget the STelnet/Telnet password, use method 2 or 3. The Telnet protocol may bring security risks, and you are advised to log in to the device using STelnet V2.

  2. If method 1 cannot be used, use method 2 preferentially.

  3. Enter the BootROM menu on the S1720GFR, S2720EI (V200R006C10, V200R009C00, V200R010C00), S2750, S5700LI, S5700S-LI, S5720S-12TP-PWR-LI-AC and S5700S-28P-PWR-LI-AC, and enter the BootLoad menu on the S2720EI (V200R011C10), S5710-X-LI, S5700S-28X-LI-AC, S5700S-52X-LI-AC, S5720SI, S6720SI, S6720S-SI, S5720S-SI, S5720EI, S5720HI, S6720EI, S5720LI, S6720LI, S6720S-LI, S5720S-LI and S6720S-EI. The following command outputs are used as an example.
  4. The command outputs of different versions on different devices may be different. Therefore, the command outputs on your device may be different from that provided in this example.

Logging In to the Device Using STelnet/Telnet and Changing the Console Port Login Password

The following uses the command lines and outputs of logging in to the device using STelnet as an example.

If you have a STelnet account and your user right is level 3 or higher, log in to the device using STelnet, change the console port login password, and save the configuration.

  1. Log in to the device using STelnet. Ensure that your user right is level 3 or higher.

    Run the display users command to display all the users who have logged in to the device. The item with a "+" mark indicates your user account on user interface VTY1.

    <HUAWEI> display users
  User-Intf    Delay    Type   Network Address     AuthenStatus    AuthorcmdFlag
  129 VTY 0   00:23:36  TEL    10.135.18.67              pass           no        Username : Unspecified

+ 130 VTY 1   01:20:36  TEL    10.135.18.91              pass           no        Username : Unspecified

  131 VTY 2   00:00:00  TEL    10.135.18.54              pass           no        Username : Unspecified

    Run the display user-interface command to display the user right of all users. VTY1 has a corresponding user right 15; therefore, you have the right to change the console port login password.

    <HUAWEI> display user-interface
  Idx  Type     Tx/Rx      Modem Privi ActualPrivi Auth  Int
  0    CON 0    9600       -     15    -           P     -
+ 129  VTY 0               -     15    15          P     -
+ 130  VTY 1               -     15    15          P     -
+ 131  VTY 2               -     15    -           P     -
  132  VTY 3               -     15    15          P     -
......

  2. Change the console port login password. In this example, you set the authentication mode to password authentication and the password to huawei@123.

    <HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] authentication-mode password
[HUAWEI-ui-console0] set authentication password cipher huawei@123
[HUAWEI-ui-console0] return

  3. Save the configuration.

    <HUAWEI> save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Now saving the current configuration to the slot 0.
Save the configuration successfully.

Clearing the Console Login Password in BootROM and Changing the Console Port Login Password

The BootROM allows you to clear the console port login password so that the device does not check the password when you log in through the console port. When the device starts, you do not need to enter the console port login password and all configurations are loaded as normally. After the device starts, reconfigure the authentication mode and console port login password, and save the configuration.

NOTICE:

  • You must restart the device to display the BootROM menu, which results in service interruption. Migrate services to a backup device and perform this operation in off-peak hours.

  • Set a new password immediately after you log in to the device by clearing console login password.

  • Do not power off the device during the operation.

  1. Connect a PC to the device through a serial cable and restart the device. When the message "Press Ctrl+B to enter BootROM menu..." (V200R002 and V200R003) or "Press Ctrl+B or Ctrl+E to enter BootROM menu..." (V200R005 and later versions)is displayed, press Ctrl+Bor Ctrl+E in later versions, and enter the password (Admin@huawei.com by default and possibly huawei on a device in versions earlier than V100R006C03). The BootROM main menu is displayed.

  2. Clear console login password.

              BootROM  MENU

    1. Boot with default mode
    2. Enter serial submenu
    3. Enter startup submenu
    4. Enter ethernet submenu
    5. Enter filesystem submenu
    6. Modify BootROM password   //V200R006 and earlier versions: Modify BootROM password; V200R007 and later versions: Enter password submenu
    7. Clear password for console user
    8. Reboot
    (Press Ctrl+E to enter diag menu) 

Enter your choice(1-8): 7

Note: Clear password for console user? Yes or No(Y/N): y

Clear password for console user successfully. Choose "1" to boot, then set a new password.
Note: Do not choose "8. Reboot" or power off the device, otherwise this operation will not take effect.
  3. Enter 1 in the BootROM main menu to start the device.

  4. Log in to the device through the console port. Authentication is not required when you log in. Change the console port login password. In this example, you set the authentication mode to password authentication and the password to huawei@123.

    <HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] authentication-mode password
[HUAWEI-ui-console0] set authentication password cipher huawei@123
[HUAWEI-ui-console0] return

  5. Save the configuration.

    <HUAWEI> save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Now saving the current configuration to the slot 0.
Save the configuration successfully.

Clearing the Startup Configuration File in BootROM, Starting the Device with No Configuration, and Changing the Console Port Login Password

If you clear the startup configuration file in BootROM, the device restarts with no configuration (factory settings). After the device starts, export the configuration file and change the console login configuration. Upload the changed configuration to the device and specify the new configuration file as the next startup configuration file. After the device restarts, you do not need to enter the console login password. (In the following example, the authentication mode for console port login is password authentication. In other authentication modes, the output varies according to the device model and configuration.)

Submitted 6 years 3 weeks ago by thunder-link.
Share