hi leo,

this is cool! +5

Router(config)#no service password-recovery

WARNING:

Executing this command will disable password recovery mechanism.

Do not execute this command without another plan for

password recovery.

Are you sure you want to continue? [yes/no]: yes

Router(config)#config-register 0x2142

Password recovery is disabled, cannot enable diag or ignore configuration.

----

System Bootstrap, Version 12.3(8r)YI4, RELEASE SOFTWARE

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 2006 by cisco Systems, Inc.

C870 series (Board ID: 1-148) platform with 131072 Kbytes of main memory

PASSWORD RECOVERY FUNCTIONALITY IS DISABLED

Booting flash:/c870-advsecurityk9-mz.124-15.T1.bin

Self decompressing the image : ######################################################### [OK]

Username: cisco

Password:

yourname#

Thanks John.

Hi,

I've tried this before on several of the routers, but it makes no difference, the router continues to try to boot but can't because of the problem with the IOS and is unable to enter ROMMON because the no password recovery is set.

Just to confirm, when moving the strataflash from another 877 to the bricked one, this error occurs:

PASSWORD RECOVERY FUNCTIONALITY IS DISABLED

flashfs[0]: dir struct error[1].

flash: file system initialization failed

Could not open boot directory: flash:/

Unable to open boot fil

Hi Adam,

It looks like a bad or corrupted flash.

I would suggest to contact TAC and have it RMA'd.

Sent from Cisco Technical Support iPhone App

Hi John,

If I remove the flash from the bad router and place it in a good router WITHOUT "no service password recovery" set, then the good router enters ROMMON and I'm able to send a new IOS to the flash and the good router boots find with the bad routers flash. When I then put that flash back in one of the bad routers, it displays the same symptoms. I do not believe there to be any actual problems with the routers or flash, but I believe the IOS was mistakingly deleted and the router rebooted which caused the loop. So it is a conflict between no IOS present in the flash and the "no service password recovery" which causes this seemingly unrepairable state. It's almost as if the no password recovery option encrypts the flash so it can only be read by that router and it can only read a flash from that router at the time the no password recovery was set!

Also, just to note, these routers do not have any current support contract on them, so returning to Cisco is not an option.

This is the message I get on the bad router when I put the "repaired" flash back in

PASSWORD RECOVERY FUNCTIONALITY IS DISABLED

flashfs[0]: inconsistent sector list, fileid 2, parent_fileid 0

flashfs[0]: relinked orphaned file into the fs as "/lost+found/00003".

No bootable image file: flash:/

Unable to open boot file

Routers with password recovery disabled CAN NOT be recovered by any publiclly documented method.

If someone tells you otherwise, challenge to prove you how.

Hey Paolo,

Haven't seen you posting.  Hope everything is fine. 

Breaking into a router with "no service password-recovery" enabled is do-able.  I've done this several times as a demo to my colleagues who share your same opinion.  Click here.

leolaohoo wrote:
Hey Paolo, 
Haven't seen you posting.  Hope everything is fine.  
Breaking into a router with "no service password-recovery" enabled is do-able.  I've done this several times as a demo to my colleagues who share your same opinion.  Click here.

All is fine and so I hope about you

Sorry to tell that you are wrong, but the example you posted is about a very old router that can have buggy rommon, and if you mread it accurately, it doen;t make any sense. It does not even expalin what the guy did. Beside, I tend not to take seriously posts that begin referencing alcohol ingestion.

Let us know when you can "break into" an ISR router, for example.