Knowledge Search


×
 

[EX/QFX] Password recovery procedure

  [KB10503] Show Article Properties


Summary:

This article details the procedure for recovering the root password on EX and QFX switches.

 

Symptoms:

If you forget the root password, use the password recovery procedure to reset the root password.

 

Solution:

EX Series: Refer to Troubleshooting Loss of the Root Password.

QFX Series: Refer to Recovering the Root Password.

Exceptions: For the following products, the root password recovery procedure is different from other switch products:

  • EX2300
  • EX3400
  • EX9200 which is running with 15.1 and later
  • QFX5200 which is running with 15.1X53-D30 and later
  • QFX10000 which is running with 15.1X53-D60 and later
 

The difference is due to the upgraded FreeBSD. Refer to Understanding Junos OS with Upgraded FreeBSD for more information.

For the product exceptions in the above list, take the following steps:

  1. Ensure that you have console access to the switch.
  2. Reboot the switch and press any key when you see 'Main Menu' to avoid loading Junos.

  3. After you successfully entered Main Menu, you will see the following menu.

Choice:
Main Menu

1. Boot [J]unos volume
2. Boot Junos volume in [S]afe mode

3. [R]eboot

4. [B]oot menu
5. [M]ore options 
  1. Press either "M" or "5" for "[M]ore options" to see the Options Menu as follows:

Choice:
Options Menu

1. Recover [J]unos volume
2. Recovery mode - [C]LI
3. Check [F]ile system

4. [B]oot prompt

5. [M]ain menu
  1. In this menu, press either "C" or "2" to choose "Recovery mode - [C]LI". Then Junos OS will be loaded with recovery mode.

Choice:
Booting Junos in CLI recovery mode ...

~snip~

NOTE: Once in the CLI, you will need to enter configuration mode using
NOTE: the 'configure' command to make any required changes. For example,
NOTE: to reset the root password, type:
NOTE: configure
NOTE: set system root-authentication plain-text-password
NOTE: (enter the new password when asked)
NOTE: commit
NOTE: exit
NOTE: exit
NOTE: When you exit the CLI, you will be in a shell.
Starting CLI ...

warning: This chassis is operating in a non-master role as part of a virtual-chassis (VC) system.
warning: Use of interactive commands should be limited to debugging and VC Port operations.
warning: Full CLI access is provided by the Virtual Chassis Master (VC-M) chassis.
warning: The VC-M can be identified through the show virtual-chassis status command executed at this console.
warning: Please logout and log into the VC-M to use CLI.

{linecard:0}
root>
  1. Set the root password as guidance.

{linecard:0}
root> configure
Entering configuration mode
The configuration has been changed but not committed

{linecard:0}[edit]
root# set system root-authentication plain-text-password
New password:
Retype new password:

{linecard:0}[edit]
root# commit
2017-02-01 18:09:37 UTC: Running FIPS Self-tests
veriexec: no signatures for device. file='/sbin/kats/cannot-exec' fsid=167 fileid=51404 gen=1 uid=0 pid=3262
2017-02-01 18:09:38 UTC: FIPS Self-tests Passed
commit complete
  1. After saving the configuration, exit from CLI so that the system is rebooted again with the saved password.

{linecard:0}
root> exit

NOTE: Type 'exit' to restart the system.
# exit
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...0 0 0 0 0 done
All buffers synced.
Uptime: 1m17s
usbus0: controller did not stop
Khelp module "jsocket" can't unload until its refcount drops from 1 to 0.
Rebooting...
cpu_reset: Stopping other CPUs
Consoles: serial port
BIOS drive C: is disk0
BIOS drive D: is disk1

~snip~

No core dumps found.
Prefetch chassisd....
Starting jlaunchhelperd.
Wed Feb  1 18:11:24 UTC 2017 platform_fixups: 3719 3732
Wed Feb  1 18:11:24 UTC 2017 platform_fixups: Give sighup to (pid:3719) parse new file ...
/etc/rc: WARNING: run_rc_command: cannot run
Starting cron.

Wed Feb  1 18:11:24 UTC 2017

FreeBSD/amd64 (Amnesiac) (ttyu0)

login: Feb  1 18:11:24 jlaunchd: exec_command: /usr/sbin/eventd (PID 3761) started
Feb  1 18:11:24 jlaunchd: event-processing (PID 3761) started
Feb  1 18:11:24 jlaunchd: exec_command: /usr/sbin/sdk-mgmtd (PID 3762) started
Feb  1 18:11:24 jlaunchd: app-engine-management-service (PID 3762) started
Feb  1 18:11:24 jlaunchd: exec_command: /usr/sbin/sdk-vmmd (PID 3763) started
Feb  1 18:11:24 jlaunchd: app-engine-virtual-machine-management-service (PID 3763) started
Feb  1 18:11:24 jlaunchd: exec_command: /usr/sbin/vccpd (PID 3764) started
Feb  1 18:11:24 jlaunchd: virtual-chassis-control (PID 3764) started
Feb  1 18:11:24 jlaunchd: can not access /usr/sbin/chassism: No such file or directory
Feb  1 18:11:25 jlaunchd: chassis-manager (PID 0) started


FreeBSD/amd64 (Amnesiac) (ttyu0)

login: root
Password:
Last login: Wed Feb  1 15:40:16 on ttyu0
  1. Check if you can log in to the system with the new password.

 

Modification History:

2019-07-19: A few additional details added to Steps 4 and 5 in the Solution section; other minor, non-technical edits made

 

Related Links: