Recovering from expired one-time username

A reader sent me an interesting question:

Do you have any advice for resetting/logging into a router (2821) where the one time user of cisco:cisco has already been used?

I couldn't offer any better advice than performing the regular password recovery procedure. Is there another solution?

This article is part of You've asked for it series.

4 comments:

  1. What about real OTP? http://en.wikipedia.org/wiki/One-time_password

    A challenge-response OTP would help immensely when dealing with outsiders who want temp access.

    ReplyDelete
  2. As long as you have not done a write mem, a reboot will allow you to use the one time password again

    ReplyDelete
  3. The issue in this case would be that router will not allow you to go to rommon by using simple ctrl+break. Follow the steps

    1) Turn off the router
    2) remove the flash
    3) turn on the router
    4) router will now go to rommon !!
    5) change register value to 0x2142.
    6) reset
    7) turn off the router
    8) place the flash back
    9) THE END

    Hope this helps

    ReplyDelete
  4. Pappyar, unless you know what you are talking about please do not offer advise!
    Cisco configs are held in NVRAM not Flash, removing the flash will prevent the router from booting nothing else.
    As Adam says a simple power reset will allow the use of the OTP as long as the config has not been saved. If you do need to do a full password recovery then issuing a break sequence during bootup and then confreg 0x2142 will make the router ignore the startup-configuration. >:o

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.