Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7559
Views
0
Helpful
5
Replies

C3850 - Disabled Password Recovery not vissible in configuration

Go to solution
danielbarri
Level 1
Level 1

‎05-31-2018 12:50 AM - edited ‎03-08-2019 03:11 PM

When a 3850 is configured with:

 

Switch(config)# system disable password recovery switch all

 

This configuration line is not visible when running "show running-config [all]" or "show bootvar"

How do I figure it out if the password recovery is enabled or disabled?

 

The c3850  "Disabling Password Recovery" documentation says:

----------

This setting is saved in an area of the flash memory that is accessible
by the boot loader and the Cisco IOS image, but it is not part of the
file system and is not accessible by any user.

----------

Does it mean that the password recovery configuration won't be visible anywhere? But still I need to know if "password recovery" is on/off

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
danielbarri
Level 1
Level 1
In response to Georg Pauwen

‎06-04-2018 01:29 AM

It seems that the "password recovery" settings are only visible at rommon:

--------------------------

When we disable password recovery on switch, the ROMMON variable “SWITCH_DISABLE_PASSWORD_RECOVERY” indicates 1 and when we enable password recovery, it indicates 0. By default password recovery is enabled on switch.
 
Disabling password recovery-

Switch(config)#system disable password recovery switch all
Applying config on Switch 1...[DONE]
Applying config on Switch 2...[DONE]
Applying config on Switch 3...[DONE]
!

Switch: set
<SNIP>
SWITCH_DISABLE_PASSWORD_RECOVERY=1  <<<<< This indicates password recovery is disabled
SWITCH_IGNORE_STARTUP_CFG=0
SWITCH_NUMBER=1
<SNIP>
!

Now trying to enable password recovery

Switch(config)#no system disable password recovery switch all
Applying config on Switch 1...[DONE]
Applying config on Switch 2...[DONE]
Applying config on Switch 3...[DONE]
!
!

switch: set
<SNIP>
SWITCH_DISABLE_PASSWORD_RECOVERY=0  <<<<< This indicates password recovery is enabled
SWITCH_IGNORE_STARTUP_CFG=0
SWITCH_NUMBER=1
<SNIP>
!
Switch-3850s#sh run |  i password recove
Switch-3850s#sh run all | i password re
Switch-3850s#

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Georg Pauwen
VIP
VIP

‎05-31-2018 04:25 AM

Hello,

 

check which files and directories are in your flash. You might be able to read the content with the sample command below. This from GNS3, the flash is flash0, the directory boot, the subdirectory grub, and the file grubenv

 

3850#more flash0:/boot/grub/grubenv

 

0 Helpful

Go to solution
danielbarri
Level 1
Level 1
In response to Georg Pauwen

‎05-31-2018 05:47 AM

There's no any "boot" folder under flash:/

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to danielbarri

‎05-31-2018 06:58 AM

Hello,

 

'boot' was just an example. What is the output of 'dir flash" ?

0 Helpful

Go to solution
danielbarri
Level 1
Level 1
In response to Georg Pauwen

‎06-04-2018 01:29 AM

It seems that the "password recovery" settings are only visible at rommon:

--------------------------

When we disable password recovery on switch, the ROMMON variable “SWITCH_DISABLE_PASSWORD_RECOVERY” indicates 1 and when we enable password recovery, it indicates 0. By default password recovery is enabled on switch.
 
Disabling password recovery-

Switch(config)#system disable password recovery switch all
Applying config on Switch 1...[DONE]
Applying config on Switch 2...[DONE]
Applying config on Switch 3...[DONE]
!

Switch: set
<SNIP>
SWITCH_DISABLE_PASSWORD_RECOVERY=1  <<<<< This indicates password recovery is disabled
SWITCH_IGNORE_STARTUP_CFG=0
SWITCH_NUMBER=1
<SNIP>
!

Now trying to enable password recovery

Switch(config)#no system disable password recovery switch all
Applying config on Switch 1...[DONE]
Applying config on Switch 2...[DONE]
Applying config on Switch 3...[DONE]
!
!

switch: set
<SNIP>
SWITCH_DISABLE_PASSWORD_RECOVERY=0  <<<<< This indicates password recovery is enabled
SWITCH_IGNORE_STARTUP_CFG=0
SWITCH_NUMBER=1
<SNIP>
!
Switch-3850s#sh run |  i password recove
Switch-3850s#sh run all | i password re
Switch-3850s#

0 Helpful

Go to solution
Matthias
Level 1
Level 1

‎01-08-2025 05:32 AM

#show romvar

will also do the job without reboot in ROMMON

 

AIR-LAB1-S1#sh romvar
ROMMON variables:
ASIC_PCI_RESET="1"
AUTO_SWITCH_CONSOLE_DISABLE="0"
BOOT_LOADER_UPGRADE_DISABLE="1"
CFG_MODEL_NUM="WS-C3650-24TS-E"
CLEI_CODE_NUMBER="IPMV810BRE"
CSR_PCIERST_DISCONNECTED="yes"
D_STACK_DOMAIN_NUM="1"
ECI_CODE_NUMBER="470063"
LICENSE_BOOT_LEVEL="ipservicesk9,all:ngwc;"
MAC_ADDR="2C:5A:0F:96:10:00"
MANUAL_BOOT="no"
MODEL_NUM="WS-C3650-24TS"
MODEL_REVISION_NUM="P0"
MOTHERBOARD_ASSEMBLY_NUM="73-15898-06"
MOTHERBOARD_REVISION_NUM="A0"
MOTHERBOARD_SERIAL_NUM="FDO210224Q1"
RECOVERY_BUNDLE="sda9:cat3k_caa-recovery.bin"
SWITCH_IGNORE_STARTUP_CFG="0"
SWITCH_NUMBER="1"
SYSTEM_SERIAL_NUM="FDO2103E0KM"
TAN_NUM="800-41246-03"
TAN_REVISION_NUMBER="B0"
TEMPLATE="advanced"
TERMLINES="0"
VERSION_ID="V04"
BAUD="9600"
ABNORMAL_RESET_COUNT="0"
BOOT="flash:cat3k_caa-universalk9.16.12.01.SPA.bin;"
BSI="0"
RANDOM_NUM="992854735"
AIR-LAB1-S1#

0 Helpful
Customers Also Viewed These Support Documents