Password Recovery - ASR9K

Terminals, Authentication, and Prompts

Terminals

Telnet: Remote access, not secure
SSH: Remote access, secure
Console: Local access, IOS-XR prompt
Auxiliary: Local access, KSH prompt

Authentication Methods

Line: Attached to a terminal, like Telnet or CONSOLE
Local: Usernames and passwords configured under "show running-config"
Admin: Usernames and passwords configured under "admin show running-config"
TACACS: Used in AAA, remote user database server
Radius: Used in AAA, remote user database server

Prompts

This is the IOS-XR prompt:

RP/0/RSP1/CPU0:ASR9000#

This is the KSH prompt:

#

Change KSH Prompt to IOS-XR

The KSH prompt can run Linux commands. To turn a KSH prompt into an IOS-XR prompt, use this command:

# /pkg/bin/exec

To do the same and also bypass AAA, add the -a option:

# /pkg/bin/exec -a

Forgotten Username or Password

This procedure uses a variable in ROMMON on the standby RSP to bypass authentication and reach a KSH prompt, which can be converted into an IOS-XR prompt where changes can be made.

  • On multi-RSP systems, this should cause zero production impact.
  • On the ASR-9001, follow the same steps, but plan a maintenance window as there is no standby RSP.
  1. Get the standby RSP into ROMMON
    rommon 1>
  2. Set a variable to bypass the auxiliary authentication
    rommon 1> AUX_AUTHEN_LEVEL=0
  3. Save the variable
    rommon 2> sync
  4. Boot the RSP
    rommon 3> boot
  5. Wait for the card to boot, then switch to the auxiliary terminal via the AUX port. You should see:
    #
  6. Change the prompt from KSH to IOS-XR and bypass AAA
    # /pkg/bin/exec -a
  7. Change the config
    • Add a user
    • Add or change a password
  8. Verify: attempt to log in to the Active RSP using any terminal type
  9. Recover: bring the standby RSP back down to ROMMON
    rommon 1>
  10. Unset the variable that bypasses the auxiliary authentication
    rommon 1> unset AUX_AUTHEN_LEVEL
  11. Save the change
    rommon 2> sync
  12. Boot the RSP
    rommon 3> boot

AAA Problems

This procedure uses a variable in ROMMON on the standby RSP to bypass authentication on the CONSOLE to reach a KSH prompt which can run rollback commands.

  • On multi-RSP systems, this should cause zero production impact.
  • On the ASR-9001, follow the same steps, but plan a maintenance window as there is no standby RSP.
  1. Get the standby RSP into ROMMON
    rommon 1>
  2. Set a variable to bypass console and auxiliary authentication
    rommon 1> AUX_AUTHEN_LEVEL=0
  3. Save the variable
    rommon 2> sync
  4. Boot the RSP
    rommon 3> boot
  5. Wait for the card to boot. You should see:
    ASR9000 con0/RSP0/CPU0 is in standby
    This (D)RP Node is not ready or active for login /configuration
  6. Press ESC then type ksh, the prompt changes to:
    *** Initiate debug session ***
    #
  7. Check the rollback history, change 0x1 to 0x2, 0x3 etc. as needed:
    # show_config_changes -r -n 0x1
  8. Rollback the config
    # config_rollback -n 0x1
  9. Verify: attempt to log in to the Active RSP using any terminal type
  10. Recover: bring the standby RSP back down to ROMMON
    rommon 1>
  11. Unset the variable that bypasses the auxiliary authentication
    rommon 1> unset AUX_AUTHEN_LEVEL
  12. Save the change
    rommon 2> sync
  13. Boot the RSP
    rommon 3> boot
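
A close-out check for both recovery procedures above (Forgotten Username or Password, and AAA Problems), added here as an example and not part of the original page: it replays a saved console capture and reports whether the AUX_AUTHEN_LEVEL=0 bypass was unset and saved with sync before the final boot. The function name, the capture format, and the rule that only synced changes persist are assumptions of this example.

```python
import re

# Prompt forms shown on this page: "rommon 1>", "rommon 1 >", "rommon B1 >"
PROMPT = re.compile(r"^\s*rommon\s+[A-Z]?\d+\s*>\s*(.*)$")
VAR = "AUX_AUTHEN_LEVEL"


def audit_rommon_capture(text):
    """Replay ROMMON commands from a console capture and track the bypass variable.

    Assumption: a set/unset only persists once 'sync' is entered (the
    "Save the variable" steps); a change not synced before 'boot' is
    treated as not saved and is reported.
    """
    saved = None                  # value last written by sync (None = unset)
    pending, dirty = None, False  # value typed at the prompt, not yet synced
    bypass_boots, unsaved_boots = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = PROMPT.match(line)
        if not m:
            continue              # boot messages, KSH and IOS-XR lines are ignored
        cmd = m.group(1).strip()
        if cmd.startswith(VAR + "="):
            pending, dirty = cmd.split("=", 1)[1].strip(), True
        elif cmd.split() == ["unset", VAR]:
            pending, dirty = None, True
        elif cmd == "sync" and dirty:
            saved, dirty = pending, False
        elif cmd == "boot":
            if dirty:             # change typed but never synced
                unsaved_boots.append(lineno)
                pending, dirty = saved, False
            if saved == "0":
                bypass_boots.append(lineno)
    return {
        "bypass_boots": bypass_boots,    # capture lines where the RSP booted with the bypass saved
        "unsaved_boots": unsaved_boots,  # capture lines where a change was lost at boot
        "closed_out": saved != "0" and not dirty,
    }


# Constructed captures (not from a real device).
SET_AND_BOOT = "rommon 1> AUX_AUTHEN_LEVEL=0\nrommon 2> sync\nrommon 3> boot\n# /pkg/bin/exec -a\n"
COMPLETE = SET_AND_BOOT + "rommon 1> unset AUX_AUTHEN_LEVEL\nrommon 2> sync\nrommon 3> boot\n"
MISSED_SYNC = SET_AND_BOOT + "rommon 1> unset AUX_AUTHEN_LEVEL\nrommon 2> boot\n"

if __name__ == "__main__":
    for name, capture in (("complete", COMPLETE), ("missed sync", MISSED_SYNC)):
        print(name, audit_rommon_capture(capture))
```

A capture that ends with `closed_out` false means the standby RSP still has the bypass saved and needs the unset, sync, boot steps repeated.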

How to get the RSP into ROMMON

  • On multi-RSP systems, this should cause zero production impact.
  • On the ASR-9001, follow the same steps, but plan a maintenance window as there is no standby RSP.
  1. Connect to the CONSOLE port on the desired RSP. You may see:
    Active RSP
    LED: ACTV
    Prompt: Username:
    Standby RSP
    LED: STBY
    Prompt: This (D)RP Node is not ready or active for login /configuration
  2. Reslot the RSP. It will start booting. The LED will show:
    INIT
    BOOT
    PST3
  3. On the console terminal, press CTRL+C repeatedly until the ROMMON prompt appears:
    LED: RMM
    Prompt: rommon 1 >

If you see this, try the above steps again:

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706



Cisco IOS XR Software for the Cisco XR ASR9K, Version 5.2.2
Copyright (c) 2014 by Cisco Systems, Inc.

Example Output for Entering ROMMON

Selecting ROMMON Image... B
DDR in Interleaved mode
POST 1 : PASSED : code 0 : DDR2 Memory Quick Test

CPU Reset Reason = 0x0002
POST 2 : PASSED : code 0 : FPGA Flash Image CRC Checks

Loading Field Programmable Devices:
FPGA 0-B PROGRAMMED  : image: 0xff500028 - 0xff576cca, et: 117ms
FPGA 1-B PROGRAMMED  : image: 0xff400028 - 0xff4d1034, et: 206ms
FPGA 2-B PROGRAMMED  : image: 0xff100028 - 0xff276358, et: 369ms
FPGA 3-B PROGRAMMED  : image: 0xff000028 - 0xff0454a8, et: 69ms

System Bootstrap, Version 1.06(20120210:003513) [ASR9K ROMMON], 
Copyright (c) 1994-2012 by Cisco Systems, Inc.
Compiled Thu 09-Feb-12 16:35 by saurabja

  CPUCtrl:  1.18  [00000001/00000012]
  ClkCtrl:  1.23  [00000001/00000017]
  IntCtrl:  1.15  [00000001/0000000f]
     Punt:  1.5   [00000001/00000005]
      CBC:  1.3 
      BID: 0x0006


PPC 8641D (partnum 0x8004), Revision 03.00, (Core Version 02.02)
M8641 CLKIN:   66 Mhz
 Core Clock: 1333 Mhz
  MPX Clock:  533 Mhz
  LBC Clock:   33 Mhz

POST 3 : PASSED : code 0 : Slot ID/Board Type Validity
PCI-E1: Ready as Root Complex
PCI-E2: Ready as Root Complex


set_chassis_type: chassis_type=0xef02ff found=TRUE
ASR9K (8641D PPC) platform with 8192 Mb of main memory

program load complete, entry point: 0x100000, size: 0x2ac20
program load complete, entry point: 0x100000, size: 0x2ac20
MBI Candidate = disk0:asr9k-os-mbi-5.2.2/0x100000/mbiasr9k-rp.vm
 [CTRL-C]

Serial ID: XXXXXXXXXXX
rommon B1 > 
rommon B1 > 
rommon B1 > 
rommon B1 >

References

ASR9000 How to reset a lost password - Xander's Guide
