AM I correct in thinking that if I change the config-register to 0x2142 this will disable the break key? Thus trying passsword recovery will be unobtainable? How would one bypass this? I haev performed password recovery using ALT +B then o/r (config register) then i Without being able to break the routers start up -how can you perfrom password recovery? Many thanks.
No, not at all 0x2142 is used to boot the device in to rommon to do password recovery. You can use the command "no service password-recovery" to disable password recovery.
If one was to use that -woulfd the router be irrepiable?
check this Cisco Systems IOS(tm) Configuration Register Decoder :
NIce one for that link-I am still unsure however ,that if you were to disable the break key and then lost you rpassword-how would you be bale to get back in and change the config-register? TIA
No, that is whole point! You will get a warning when do this.
router1(config)#no service password-recovery WARNING: Executing this command will disable password recovery mechanism. Do not execute this command without another plan for password recovery.
Are you sure you want to continue? [yes/no]: yes router1(config)#end
Doan
Cisco answer, you can't. Once password recovery is disabled you are locked out of doing password recovery.
So I am guessing you would have to return your router to Cisco? Would that be the only way to ensure security on your Router? Disable the break key and then ensure you know the passwords!
No you can't recover clear text passwords or use the config that was on the device, but you can wipe it and start with a blank config.
The difference here between the normal recovery process and having no spr is the startup config is wiped. Rather then letting you rename the config etc.
To recover a device once the No Service Password-Recovery feature has been enabled, press the Break key within 5 seconds after the image decompresses during the boot. You are prompted to confirm the Break key action. When you confirm the action, the startup configuration is erased, the password-recovery procedure is enabled, and the router boots with the factory default configuration.
If you do not confirm the Break key action, the router boots normally with the No Service Password-Recovery feature enabled.
So ,to clarify-if I was to disable the break key in the config-register using 0x2102 for example- when i power cycled the router I would still be able to break the sequence? If I didnt know th epasswords I assumed that due to break key being disabled I owuld be unable to "break" the boot sequence, thus being unable to go into Rommon mode and bypass the password login? TIA
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.