Replacing or Recovering a Lost Password on Cisco Routers

I’m going to explain how to replace the enable mode password and/or add yourself as a user on a Cisco router if you are currently unable to log in but have console access. I will be performing all the commands on a Cisco 7204 VXR.

It is possible to recover the enable or console login password. The enable secret password is encrypted, however, and must be replaced with a new enable secret password.

    While booting the router up, press Ctrl+Break to enter ROMMON (ROM monitor) mode.
    Set the configuration register using the configuration register utility—enter the confreg command at the ROM monitor prompt as follows:

    rommon1> confreg

    Answer yes to the enable “ignore system config info”? question and note the current configuration register settings.

    Initialize the router by entering the reset command as follows:

    rommon2> reset

    The router will initialize, the configuration register will be set to 0x142, and the router will boot the system image from Flash memory and enter the system configuration dialog (setup) as follows:

    --- System Configuration Dialog ---

    Enter no in response to the system configuration dialog prompts until the following message is displayed:

    Press RETURN to get started!

    Press Return. The user EXEC prompt is displayed as follows:

    Router>

    Enter the enable command to enter privileged EXEC mode. Then enter the show startup-config command to display the passwords in the configuration file as follows:

    Router# show startup-config

    Scan the configuration file display looking for the passwords (the enable passwords are usually near the beginning of the file, and the console login or user EXEC password is near the end). The passwords displayed will look something like this:

    enable secret 5 $1$ORPP$s9syZt4uKn3SnpuLDrhuei
    enable password 23skiddoo
    .
    .
    line con 0
    password onramp

    The enable secret password is encrypted and cannot be recovered; it must be replaced. The enable and console passwords may be encrypted or clear text.

    Enter the configure memory command to load the startup configuration file into running memory. This action allows you to modify or replace passwords in the configuration.

    Router# configure memory

    Enter the privileged EXEC command configure terminal to enter configuration mode:

    Hostname# configure terminal

    Change all three passwords using the following commands:

    Hostname(config)# enable secret newpassword1
    Hostname(config)# enable password newpassword2
    Hostname(config)# line con 0
    Hostname(config-line)# password newpassword3

    Change only the passwords necessary for your configuration. You can remove individual passwords by using the no form of the above commands. For example, entering the no enable secret command removes the enable secret password.

    You must configure all interfaces so that they are not administratively shut down, as follows:

    Hostname(config)# interface fastethernet 0/0
    Hostname(config-if)# no shutdown

    Enter the equivalent commands for all interfaces that were originally configured. If you omit this step, all interfaces will be administratively shut down and unavailable when the router is restarted.

    Use the config-register command to set the configuration register to the original value. Factory default is 0x2102.

    Hostname(config)# config-register 0x2102

    Exit Configure mode and enter the copy running-config startup-config command to save the new configuration to nonvolatile memory.
    Enter the reload command to reboot the router.
    Log in to the router with the new or recovered passwords.

That’s all you need to do to gain access to the router.
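
Before replacing passwords, it helps to know how each one in the startup configuration is stored, since cleartext and type 7 values are readable by anyone who sees the file. The Python script below is an added example, not part of the original post: it classifies the password lines of a configuration by storage type. The name audit_config and the line vty entry with its placeholder value are assumptions made for illustration; the other sample lines are the ones shown in the steps above.

```python
import re

# How IOS labels stored passwords: the digit that precedes the value.
TYPES = {
    "0": "cleartext",
    "5": "salted MD5 hash (one-way)",
    "7": "type 7 obfuscation (reversible)",
    "8": "PBKDF2-SHA256 hash (one-way)",
    "9": "scrypt hash (one-way)",
}
WEAK = {"0", "7"}  # readable or trivially reversible by anyone who sees the config

# "enable secret|password [type] value" or, under a line, "password [type] value"
PASSWORD_RE = re.compile(r"^(enable (?:secret|password)|password)\s+(?:(\d)\s+)?(.+)$")

# Constructed sample: the first four lines are the ones shown in the post,
# the vty entry and its placeholder value are made up for illustration.
SAMPLE = """\
enable secret 5 $1$ORPP$s9syZt4uKn3SnpuLDrhuei
enable password 23skiddoo
line con 0
 password onramp
line vty 0 4
 password 7 PLACEHOLDER
"""


def audit_config(text):
    """Return (scope, command, storage, is_weak) for each password line."""
    findings = []
    scope = "global"
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("line "):
            scope = line  # remember which line block we are in, e.g. "line con 0"
            continue
        match = PASSWORD_RE.match(line)
        if not match:
            continue
        command, ptype, _value = match.groups()
        ptype = ptype or "0"  # no type digit means the value is cleartext
        where = "global" if command.startswith("enable") else scope
        findings.append((where, command, TYPES.get(ptype, "unknown"), ptype in WEAK))
    return findings


if __name__ == "__main__":
    for where, command, storage, weak in audit_config(SAMPLE):
        print(f"{'WEAK' if weak else 'ok':4}  {where:12}  {command:15}  {storage}")
```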
