Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX] Password Recovery for EX2300 and EX3400

0

0

Article ID: KB31403 KB Last Updated: 04 Aug 2020Version: 2.0
Summary:

This article describes the password recovery procedure for EX2300 and EX3400 devices, which is different compared to other EX switches.

 

Symptoms:

Password recovery attempt fails on EX2300.

=======================================================================================
Boot Menu

1. Boot [P]revious installed Junos packages
2. Boot Junos in [S]ingle user mode
3. Boot from [R]ecovery snapshot

4. Boot from [N]etwork
5. Boot from [U]SB

6. Boot to [O]AM shell

7. Snapshot [B]oot menu

8. [M]ain menu

Choice:
Booting from Junos volume in single user mode ...
|
/packages/sets/active/boot/os-kernel/kernel data=0x444000 syms=[0x4+0x4b260+0x4+0x6b33d]
/packages/sets/active/boot/os-kernel/ex2300.dtb size=0x186d
...
...
...
Verified os-kernel-wit-arm-32-20160213 signed by PackageDevelopmentEc_2016
Verified os-libs-11-arm-32-20160213 signed by PackageDevelopmentEc_2016
Mounting os-libs-11-arm-32-20160213.203838_fbsd-builder_head
lookup: cd9660,/dev/md0.uzip,/,0x5001: EROFS 0x420406c
Verified os-runtime-arm-32-20160213 signed by PackageDevelopmentEc_2016
Mounting os-runtime-arm-32-20160213.203838_fbsd-builder_head
lookup: cd9660,/dev/md0.uzip,/,0x5001: EROFS 0x420406c
Enter full pathname of shell or RETURN for /bin/sh: recovery <<-----     
Feb 24 16:42:36 init: can't exec recovery for single user: No such file or directory <<----
#
=======================================================================================

 

Solution:

On EX2300/EX3400 switches, the password recovery procedure is different. Please refer to step 5 in Troubleshooting Loss of the Root Password​.

  1. Reboot the switch and interrupt the boot process by pressing any key when you see the following Main Menu:

Main Menu

1. Boot [J]unos volume
2. Boot Junos volume in [S]afe mode

3. [R]eboot

4. [B]oot menu
5. [M]ore options  <---press 5

Choice:
Options Menu

1. Recover [J]unos volume
2. Recovery mode - [C]LI  <---press 2 
3. Check [F]ile system

4. Enable [V]erbose boot

5. [B]oot prompt

6. [M]ain menu


Choice:
Booting Junos in CLI recovery mode ...
|
/packages/sets/active/boot/os-kernel/kernel data=0xd0c000 syms=[0x4+0x4cde0+0x4+0x6d35f]
/packages/sets/active/boot/os-kernel/ex3400.dtb size=0x1ce1
/packages/sets/active/boot/junos-modules/fips_core.ko text=0x1074 data=0x247 syms=[0x4+0x600+0x4+0x40f]
...
...
...

<Some boot messages omitted>


Starting CLI ...

warning: This chassis is operating in a non-master role as part of a virtual-chassis (VC) system.
warning: Use of interactive commands should be limited to debugging and VC Port operations.
warning: Full CLI access is provided by the Virtual Chassis Master (VC-M) chassis.
warning: The VC-M can be identified through the show virtual-chassis status command executed at this console
warning: Please logout and log into the VC-M to use CLI.

Reset password by typing commands printed in blue 
{linecard:0}
root> configure
Entering configuration mode

{linecard:0}[edit]
root# set system root-authentication plain-text-password
New password:
Retype new password:

{linecard:0}[edit]
root# commit
1970-01-01 00:04:43 UTC: Running FIPS Self-tests
veriexec: no signatures for device. file='/sbin/kats/cannot-exec' fsid=137 fileid=51404 gen=1 uid=0 pid=2433
1970-01-01 00:04:46 UTC: FIPS Self-tests Passed
commit complete

root@11N_SW_A# exit
Exiting configuration mode

root@11N_SW_A> request system reboot
Reboot the system at now? [yes,no] (no) yes

Jan  1 00:06:22 shutdown: reboot requested by root at Thu Jan  1 00:06:22 1970
Shutdown NOW!
[pid 2789]

Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...0 0 0 done
All buffers synced.
Uptime: 6m32s
Khelp module "jsocket" can't unload until its refcount drops from 2 to 0.
Rebooting...
  1. After reboot, if switch boots from recovery partition (OAM volume) as shown below, then reboot the switch.

Booting from recovery snapshot ... | FreeBSD/arm (Amnesiac) (ttyu0) login: root --- JUNOS
Note: Junos is currently running in recovery mode on the OAM volume root@:RE:0%

  1. After second reboot, the switch will boot up from the JUNOS volume with the new password.

 

Modification History:

2020-08-04: Article reviewed for accuracy, no changes required; article accurate and valid

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search