This article describes the password recovery procedure for EX2300 and EX3400 devices, which is different compared to other EX switches.
Password recovery attempt fails on EX2300.
=======================================================================================
Boot Menu
1. Boot [P]revious installed Junos packages
2. Boot Junos in [S]ingle user mode
3. Boot from [R]ecovery snapshot
4. Boot from [N]etwork
5. Boot from [U]SB
6. Boot to [O]AM shell
7. Snapshot [B]oot menu
8. [M]ain menu
Choice:
Booting from Junos volume in single user mode ...
|
/packages/sets/active/boot/os-kernel/kernel data=0x444000 syms=[0x4+0x4b260+0x4+0x6b33d]
/packages/sets/active/boot/os-kernel/ex2300.dtb size=0x186d
...
...
...
Verified os-kernel-wit-arm-32-20160213 signed by PackageDevelopmentEc_2016
Verified os-libs-11-arm-32-20160213 signed by PackageDevelopmentEc_2016
Mounting os-libs-11-arm-32-20160213.203838_fbsd-builder_head
lookup: cd9660,/dev/md0.uzip,/,0x5001: EROFS 0x420406c
Verified os-runtime-arm-32-20160213 signed by PackageDevelopmentEc_2016
Mounting os-runtime-arm-32-20160213.203838_fbsd-builder_head
lookup: cd9660,/dev/md0.uzip,/,0x5001: EROFS 0x420406c
Enter full pathname of shell or RETURN for /bin/sh: recovery <<-----
Feb 24 16:42:36 init: can't exec recovery for single user: No such file or directory <<----
#
=======================================================================================
On EX2300/EX3400 switches, the password recovery procedure is different. Please refer to step 5 in Troubleshooting Loss of the Root Password​.
-
Reboot the switch and interrupt the boot process by pressing any key when you see the following Main Menu:
Main Menu
1. Boot [J]unos volume
2. Boot Junos volume in [S]afe mode
3. [R]eboot
4. [B]oot menu
5. [M]ore options <---press 5
Choice:
Options Menu
1. Recover [J]unos volume
2. Recovery mode - [C]LI <---press 2
3. Check [F]ile system
4. Enable [V]erbose boot
5. [B]oot prompt
6. [M]ain menu
Choice:
Booting Junos in CLI recovery mode ...
|
/packages/sets/active/boot/os-kernel/kernel data=0xd0c000 syms=[0x4+0x4cde0+0x4+0x6d35f]
/packages/sets/active/boot/os-kernel/ex3400.dtb size=0x1ce1
/packages/sets/active/boot/junos-modules/fips_core.ko text=0x1074 data=0x247 syms=[0x4+0x600+0x4+0x40f]
...
...
...
<Some boot messages omitted>
Starting CLI ...
warning: This chassis is operating in a non-master role as part of a virtual-chassis (VC) system.
warning: Use of interactive commands should be limited to debugging and VC Port operations.
warning: Full CLI access is provided by the Virtual Chassis Master (VC-M) chassis.
warning: The VC-M can be identified through the show virtual-chassis status command executed at this console
warning: Please logout and log into the VC-M to use CLI.
Reset password by typing commands printed in blue
{linecard:0}
root> configure
Entering configuration mode
{linecard:0}[edit]
root# set system root-authentication plain-text-password
New password:
Retype new password:
{linecard:0}[edit]
root# commit
1970-01-01 00:04:43 UTC: Running FIPS Self-tests
veriexec: no signatures for device. file='/sbin/kats/cannot-exec' fsid=137 fileid=51404 gen=1 uid=0 pid=2433
1970-01-01 00:04:46 UTC: FIPS Self-tests Passed
commit complete
root@11N_SW_A# exit
Exiting configuration mode
root@11N_SW_A> request system reboot
Reboot the system at now? [yes,no] (no) yes
Jan 1 00:06:22 shutdown: reboot requested by root at Thu Jan 1 00:06:22 1970
Shutdown NOW!
[pid 2789]
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...0 0 0 done
All buffers synced.
Uptime: 6m32s
Khelp module "jsocket" can't unload until its refcount drops from 2 to 0.
Rebooting...
-
After reboot, if switch boots from recovery partition (OAM volume) as shown below, then reboot the switch.
Booting from recovery snapshot ... | FreeBSD/arm (Amnesiac) (ttyu0) login: root --- JUNOS
Note: Junos is currently running in recovery mode on the OAM volume root@:RE:0%
-
After second reboot, the switch will boot up from the JUNOS volume with the new password.
2020-08-04: Article reviewed for accuracy, no changes required; article accurate and valid