Cisco Catalyst交换机密码恢复策略

如果交换机的login密码忘记了咋办啊?(T-T)
  别急别急,只要你有PC,有类似超级终端(Hyper Terminal)这样是终端程序,连接到交换机的console口,那么密码的恢复就N简单了.
  
  1.对于Catalyst 2900/3500XL系列来说:
  拔下交换机的电源线,然后按住交换机的Mode按钮,再重新插上交换机的电源线.直到端口Port 1x的LED熄灭之后释放Mode按钮.
  就这么简单,别告诉我你不知道Mode按钮在哪啊-_-#
  
 
 2.对于Catalyst 2940/2950L系列来说:
  拔下交换机的电源线,然后按住交换机的Mode按钮,再重新插上交换机的电源线.直到STAT的LED熄灭之后释放Mode按钮.
  
  3.对于Catalyst 2955系列来说:
  Catalyst 2955没有没有外部的Mode按钮,因此就不能使用之前的那种方法来进行密码恢复.在交换机启动时,对于Windows系列的PC,按下Ctrl+Break键;对于UNIX系列的工作站,按下Ctrl+C.如下:
  C2955 Boot Loader (C2955−HBOOT−M) Version 12.1(0.0.514), CISCO DEVELOPMENT TEST
  VERSION
  Compiled Fri 13−Dec−02 17:38 by madison
  WS−C2955T−12 starting...
  Base ethernet MAC Address: 00:0b:be:b6:ee:00
  Xmodem file system is available.
  
  Initializing Flash...
  flashfs[0]: 19 files, 2 directories
  flashfs[0]: 0 orphaned files, 0 orphaned directories
  flashfs[0]: Total bytes: 7741440
  flashfs[0]: Bytes used: 4510720
  flashfs[0]: Bytes available: 3230720
  flashfs[0]: flashfs fsck took 7 seconds.
  ...done initializing flash.
  Boot Sector Filesystem (bs:) installed, fsid: 3
  Parameter Block Filesystem (pb:) installed, fsid: 4
  /---接下来交换机会在15秒内自动启动,等出现该信息之后,按下Ctrl+Break键或Ctrl+C键----/
  
  The system has been interrupted prior to initializing the flash file system to finish
  loading the operating system software:
  flash_init
  load_helper
  bootswitch:
  
  接下来输入flash_init命令:
  switch:flash_init
  Initializing Flash...
  flashfs[0]: 143 files, 4 directories
  flashfs[0]: 0 orphaned files, 0 orphaned directories
  flashfs[0]: Total bytes: 3612672
  flashfs[0]: Bytes used: 2729472
  flashfs[0]: Bytes available: 883200
  flashfs[0]: flashfs fsck took 86 seconds
  ....done Initializing Flash.
  Boot Sector Filesystem (bs:) installed, fsid: 3
  Parameter Block Filesystem (pb:) installed, fsid: 4
  switch:
  
  接着输入load_helper命令:
  switch:load_helper
  switch:
  
  再输入dir flash:命令显示交换机的文件系统:
  switch:dir flash:
  Directory of flash:/
  2 −rwx 1803357 c3500xl−c3h2s−mz.120−5.WC7.bin
4 −rwx 1131 config.text
5 −rwx 109 info
6 −rwx 389 env_vars
7 drwx 640 html
18 −rwx 109 info.ver
403968 bytes available (3208704 bytes used)
switch:

把配置文件重命名:
switch:rename flash:config.text flash:config.old
switch:

输入boot命令启动交换机:
switch:boot
Loading "flash:c3500xl−c3h2s−mz.120−5.WC7.bin"...###############################
################################################################################
######################################################################
File "flash:c3500xl−c3h2s−mz.120−5.WC7.bin" uncompressed and installed, entry po
int: 0x3000
executing...
(略)

不进入setup模式:
−−− System Configuration Dialog −−−
At any point you may enter a question mark '?' for help.
Use ctrl−c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n

进入特权模式,恢复原始的配置文件:
Switch#rename flash:config.old flash:config.text
Destination filename [config.text]
Switch#

把配置文件保存在内存里:
Switch#copy flash:config.text system:running−config
Destination filename [running−config]?
1131 bytes copied in 0.760 secs
Switch#

进入全局配置模式,取消密码设置:
Switch(config)#no enable secret

保存配置:
Switch#write memory
Building configuration...
[OK]
Switch#

搞定了@_@

4.对于Catalyst 3550/3750系列来说:
1.通过带有支持Xmodem协议的超级终端程序的PC连接到交换机的console口,把波特率设置为9600.
2.拔掉交换机的电源.
3.按下交换机上的Mode按钮,与此同时,重新插上交换机的电源线.当交换机端口1X上的LED熄灭后可以松开Mode按钮1到2秒.之后将显示一些指示信息:
The system has been interrupted prior to initializing the flash file system. The following
commands will initialize the flash file system, and finish loading the operating system
software:
flash_init
load_helper
boot
switch#
4.初始化flash文件系统:
switch#flash_init
5.加载帮助文件:
switch#load_helper
6.显示闪存里的内容:
switch#dir flash:
7.重命名配置文件:
switch#rename flash:config.text flash:config.text.old
8.启动系统,并且如果提示进入setup模式,输入N:
switch#boot
Continue with the configuration dialog? [yes/no]: N
9.进入特权模式,把配置文件名恢复为原始文件名:
Switch#rename flash:config.text.old flash:config.text
10.把配置文件写进内存:
Switch#copy flash:config.text system:running-config
Source filename [config.text]?
Destination filename [running-config]?
11.进入全局配置模式更改密码:
Switch(config)#enable secret {password}
12.退出,并保存到startup-config文件里:
Switch(config)#copy running-config startup-config

  其实有的时候硬件安全比软件安全还要重要些.不然人人都抗个本本,.连根线到console口去恢复密码了-_-

本文转自游来游去岛博客51CTO博客,原文链接http://blog.51cto.com/ylyqd/2150如需转载请自行联系原作者


wingking84

上一篇:Linux 关闭防火墙(6/7/8)


下一篇:阿里云招募11大技术领域开发者,独家技术资料包群内领取