Recovering the root password on the MX80 platform

This article describes the procedure of recovering the root password on the MX80 platform.

The general password recovery procedure sometimes does not work on the MX80 platform. This article describes a workaround to recover the root password on the MX80.

First try the general password recovery procedure described in Technical Publications:

http://www.juniper.net/techpubs/en_US/junos/topics/task/configuration/authentication-root-password-recovering.html

If the above procedure does not work on a MX80 router, then use the following instructions:

Note: You need console access to recover the root password.

To recover the root password:

1. Power off the MX80 by turning off the power switch on the front panel.

2. Connect one end of the rollover cable, supplied with the router, to the RJ-45–to–DB-9 serial port adapter supplied with the router.

3. Connect the RJ-45–to–DB-9 serial port adapter to the serial port on the management device (e.g. laptop or PC).

4. Connect the other end of the rollover cable to the console port on the MX80 front panel.

5. On the management device, start your asynchronous terminal emulation application (such as Microsoft Windows HyperTerminal or SecureCRT) and select the appropriate COM port to use (for example, COM1).

6. Configure the port settings as follows:

  • Bits per second: 9600
  • Data bits: 8
  • Parity: None
  • Stop bits: 1
  • Flow control: None

7. Power on the MX80 by turning on the power switch on the front panel. Verify that the Power LED on the front panel turns green. The terminal emulation screen on your management device displays the router’s boot sequence.

8. When the following prompt appears, press the space bar to access the router’s bootstrap loader command prompt:

9. At the loader prompt, type boot -s to start the system in single-user mode:

10. At the next prompt, type recovery to start the root password recovery procedure:

11. At the root prompt, type start shell:

12. At the % prompt, type cd /config:

13. At the % prompt, type gunzip juniper.conf.gz:

14. At the % prompt, type cat -n juniper.conf | grep root-authentication to get the line number of the beginning of the root-authentication configuration in the juniper.conf file. In this example, it is line number 10:

15. At the % prompt, edit the juniper.conf file with the vi editor by typing vi -e juniper.conf and delete the relevant 3 lines in the juniper.conf file. In this example, since these lines begin on line 10 (see step 14), after entering the vi editor, at the “:” prompt type 10 delete 3. Then type wq to save the changes in the file and quit the vi editor:

16. Verify that the root-authentication configuration was removed successfully. This can be done, for example, by entering cat juniper.conf | grep root-authentication at the % prompt:

17. At the % prompt, type gzip juniper.conf:

18. At the % prompt, type cli:

19. At the root prompt, type request system reboot and then type yes:

20. After the system reboots, login as root (there will be no password needed).
21. At the “%” prompt, type cli to enter the command line interface mode:

22. At the > prompt, type configure to enter the configuration mode:

23. At the # prompt, configure a new root password and commit:

 

About the author

Prasanna

Leave a Comment