Following up on my own question, at least on the SG220 (and I suspect higher machines, like SG300 and such), it is possible to perform a password recovery, without wiping out the config. I do not think this works on an SG200 series, as it has no serial console port, but the SG220 and up do have console ports, and that is what you need to reset just the main user password. Specifically:
Connect to the serial console port (on rear of SG220), while setting your serial port settings to 9600, N, 8, 1 (this can be changed, but this looks to be the default on the machine I worked on - other models and version of code may have a different default)
Power cycle the switch (remove the power cord and plug it back in)
Switch will start to boot, and shortly after post the message ""Autoboot in 3 seconds - press Esc. to abort"
Press the "esc" key and it should present a menu. Mine looked like this, but yours may vary, depending on code or other reasons:
Startup Menu
[1] Password Recovery Procedure
[2] Restore Factory Defaults
[3] Erase Flash File
[4] Loader Shell
[0] Exit
Enter your choice:
From here I typed a "1" and pressed the enter key, to select "Password Recovery Procedure". The switch immediately began to reload and I let it boot up until it said "Press any key to continue". I pressed a key and it asked for a username (I entered the default user "cisco") and then a password (I entered the default cisco user password ("cisco"), and I was logged in and could begin to make any changes desired.
Below is a commented log output of my session performing this task:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2023.02.18 10:00:56 =~=~=~=~=~=~=~=~=~=~=~=
! >>> Connecting to serial conosle connection at 9600, N, 8, 1
! >>> My comments entered as "<<< xxxxxxxxxxxx >>>"
! <<< connected to console and it prompted for the credentials, which I did not have >>>
Username:
! <<< Power cycle switch here by removing the power cord and reinserting it>>>
BOOT Software Version 1.0.0.6 (Jan 24 2014 - 14:44:30)
####### ### ####### ####### #####
######### ### ### ## ######### #########
### ### #### ### ### ###
### ### ### ### ### ###
### ### #### ### ### ###
######### ### ## ### ######### #########
####### ### ####### ####### #####
Networking device with Realtek MIPS CPU core.
CPU:700MHz LXB:200MHz MEM:400MHz
DRAM: 128 MB
SPI-F: 1x32 MB
Switch Model: SG220-50P (Port Count: 50)
MAC Address : B0:7D:47:xx:xx:xx <<< xx:xx:xx changed by me >>>
Memory test...............................PASSED
Autoboot in 3 seconds - press Esc. to abort�
! <<< Press esc key here >>>>
Startup Menu
[1] Password Recovery Procedure
[2] Restore Factory Defaults
[3] Erase Flash File
[4] Loader Shell
[0] Exit
Enter your choice:
! <<< Typed 1 here and pressed enter - immidiatly started reloading with default user ID and PW >>>
Erasing SPI flash...II: Erasing 4096 bytes from 00090000... 0%����100%
Writing to SPI flash...II: Writting 4096 bytes to 00090000... 0%���� 7%���� 13%���� 19%���� 25%���� 32%���� 38%���� 44%���� 50%���� 57%���� 63%���� 69%���� 75%���� 82%���� 88%���� 94%����100%
done
## Booting image from partition ... 2
Image Name: 1.0.1.1
Created: 2016-06-29 15:52:55 UTC
Image Type: MIPS Linux Kernel Image (gzip compressed)
Data Size: 7182504 Bytes = 6.8 MB
Load Address: 80000000
Entry Point: 8026f000
Verifying Checksum ... OK
Uncompressing Kernel Image ... OK
Starting ...
*Jan 01 2000 07:00:56: %System-5: Logging is enabled
*Jan 01 2000 07:00:56: %System-5: System Startup!
�[H�[JPress any key to continue
*Jan 01 2000 07:00:58: %Port-5: GigabitEthernet6 link up
! <<< Logged in with default credentials - cisco/cisco >>>
Username: cisco
Password: *****
*Jan 01 2000 07:01:22: %AAA-5: New console connection for user cisco, source async ACCEPTED
SW1#
I hope tis helps others that encounter this situation, that need to recover from a lost password on an SG-220, without losing the config.
Thanks, Matt
