Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX] Console port insecure feature

0

0

Article ID: KB32518 KB Last Updated: 23 Sep 2019Version: 2.0
Summary:

The command “set system ports console insecure” feature is not supported on EX platforms. This option can be used to prevent a user from attempting password recovery by booting into single-user mode, if the user does not know the root password.

Symptoms:

Although the “set system ports console insecure” is configured, a prompt is not shown when resetting the switch and attempting to change the password via the console. Therefore, this feature does not prevent entering single-user mode and resetting the root password if the switch is rebooted.

Cause:

Because Junos is common for a number of the platforms at Juniper, the command is accepted when a commit is performed. It changes the mode for tty and gets into a lock state.

Solution:

This feature does not prevent password recovery via booting into single user mode as it is not supported in any of the EX switches.

The device can be recovered by rolling back the config using any other super-user login to the device over console or SSH/Telnet/HTTP login. If it is not working as expected, the device can be recovered by using format installation.

Modification History:
2019-09-23: Expanded upon 'Solution' field.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search