Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1137
Views
0
Helpful
4
Replies

Changing password in running-config file then uploading

mystrwizard
Level 1
Level 1

‎12-15-2005 03:55 PM - edited ‎03-05-2019 11:43 AM

Thanks to you all I am learning the CISCO IOS and config files but have one question regarding the passwords. Once I took over here and the main I.T. person was let go, I had to the Cisco basics since we have a little Cisco 831 router for a firewall. Ive got the running-config backed up but do not know the passwords for the router so what I want to know, can you retype the new passwords in the backed up config file and then upload or copy/paste it to change the passwords without doing any other changes or do you have to have the router running and go in and use the command line to change the passwords? If can do it through the config file before uploading it, what are the command lines to type in?

Thanks again all for everything, this has been by far the best help one can get on Cisco questions anywhere on the net!

Labels:
0 Helpful
4 Replies 4

scottmac
Level 10
Level 10

‎12-15-2005 07:09 PM

If you have "enable" access to the router now, you can change the passwrds from the CLI (I'm guessing you dont).

If the router is running, but you don't have enable access, then your only choice is a "password recovery" procedure.

Basically the process is this:

Turn the router off, then turn it on

Within 30 seconds, send a "break" (or ctrl-c in some cases)

Set the config register to ignore the "startup config"

enter "enable" mode

do a "copy start run" to load the previous configuration

Then reset the config register (confreg) back to the original value so it will boot using the startup config

Here's the link with the exact procedure:

http://www.cisco.com/en/US/products/hw/routers/ps380/products_password_recovery09186a00800942c2.shtml

You cannot "push" a new configuration to the router without knowing the password(s).

Good Luck

Scott

0 Helpful

nhabib
Level 9
Level 9

‎12-15-2005 07:14 PM

If you have the SNMP Read-Write string that is configured on the router (if any), then you may use SNMP to do the password recovery.

0 Helpful

mheusinger
Level 10
Level 10
In response to nhabib

‎12-15-2005 11:30 PM

Hi,

in case you can upload a new config file you could rest the passwords. The configuration is a pure text file and can be modified with a text editor.

You could remove all "enable password" and "enable secret" statements from the config and insert

enable password 12345

instead (for security reasons use a better password than 12345 immediately after you can access the router!).

There might be also console passwords and passwords on the vty lines (telnet access). Remove password statements there.

Do you have a radius or TACACS server in place? this could get things more complicated. In case you have physical access the password recovery option above might be the best option.

If not: could you post the saved config file, namely the "enable password" parts and the "line con0" and "line vty 0 4" section.

For security reasons remove the real password and IP entries in your config and replace them by XXXX before posting.

Regards

Martin

0 Helpful

desai.jaideep
Level 5
Level 5

‎12-17-2005 01:40 AM

Hi

(1)Open the config file

(2)Search for lines such as:

"

enable secret xxxx

!"

"

enable secret xxxx

!"

If its the first, then you can break it.The later is higher bit encryption.

(3)if you replace the line with "enable secret cisco", then your password will become "cisco"

Pls reply.If possible, pls post the config. you have.

Regards

JD

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card