Вы находитесь на странице: 1из 23

FOR BROCADE INTERNAL USE ONLY

TROUBLESHOOTING GUIDE

FOR BROCADE INTERNAL USE ONLY TROUBLESHOOTING GUIDE Brocade Fabric OS Password Recovery Notes, 8.0.1 Supporting Fabric

Brocade Fabric OS Password Recovery Notes, 8.0.1

Supporting Fabric OS 8.x, 7.x

53-1004129-02

30 June 2016

FOR BROCADE INTERNAL USE ONLY

© 2016, Brocade Communications Systems, Inc. All Rights Reserved.

Brocade, Brocade Assurance, the B-wing symbol, ClearLink, DCX, Fabric OS, HyperEdge, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, Vplane, and Vyatta are registered trademarks, and Fabric Vision is a trademark of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of others.

Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.

The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or entity with respect to the accuracy of this document or any loss, cost, liability, or damages arising from the information contained herein or the computer programs that accompany it.

The product described by this document may contain open source software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Contents

Preface

5

Document conventions

5

Text formatting conventions

5

Command syntax conventions

5

Notes, cautions, and warnings

6

Brocade resources

6

Contacting Brocade Technical Support

6

Brocade customers

6

Brocade OEM customers

7

Document feedback

7

Fabric OS password recovery notes

9

Password recovery overview

9

Password recovery for Fabric OS 4.x and later

9

Password recovery using root account

9

Password recovery using the Boot PROM interface

11

Password recovery using the Boot PROM interface

11

Obtaining the boot PROM recovery password

12

Removing the boot PROM password

13

Password recovery procedure: quick reference

13

Password recovery procedure for Brocade 6505, 6510, and 6520 switches

14

Password recovery procedure for Brocade DCX 8510-8 and DCX 8510-4

16

Password recovery procedure for the Brocade 7840 switch or Brocade Analytics Monitoring Platform

18

Password recovery procedure for Brocade G620 switch

20

Password recovery procedure for Brocade X6-8 and X6-4 Directors

21

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Preface

Document conventions

5

Brocade resources

6

Contacting Brocade Technical Support

6

Document feedback

7

Document conventions

The document conventions describe text formatting conventions, command syntax conventions, and important notice formats used in Brocade technical documentation.

Text formatting conventions

Text formatting conventions such as boldface, italic, or Courier font may be used in the flow of the text to highlight specific words or phrases.

Format

Description

bold text

Identifies command names

Identifies keywords and operands

Identifies the names of user-manipulated GUI elements

Identifies text to enter at the GUI

italic text

Identifies emphasis

Identifies variables

Courier font

Identifies document titles

Identifies CLI output

Identifies command syntax examples

Command syntax conventions

Bold and italic text identify command syntax components. Delimiters and operators define groupings of parameters and their logical relationships.

Convention

Description

bold text

Identifies command names, keywords, and command options.

italic text

Identifies a variable.

value

In Fibre Channel products, a fixed value provided as input to a command option is printed in plain text, for example, --show WWN.

[ ]

Syntax components displayed within square brackets are optional.

{

x

|

y | z }

Default responses to system prompts are enclosed in square brackets.

A choice of required parameters is enclosed in curly brackets separated by vertical bars. You must select one of the options.

In Fibre Channel products, square brackets may be used instead for this purpose.

x | y

A vertical bar separates mutually exclusive elements.

< >

Nonprinting characters, for example, passwords, are enclosed in angle brackets.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Preface

Convention

Description

Repeat the previous element, for example, member[member

\

Indicates a “soft” line break in command examples. If a backslash separates two lines of a command input, enter the entire command at the prompt without the backslash.

Notes, cautions, and warnings

Notes, cautions, and warning statements may be used in this document. They are listed in the order of increasing severity of potential hazards.

NOTE A Note provides a tip, guidance, or advice, emphasizes important information, or provides a reference to related information.

ATTENTION An Attention statement indicates a stronger note, for example, to alert you when traffic might be interrupted or the device might reboot.

CAUTION A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data.traffic might be interrupted or the device might reboot. A Danger statement indicates conditions or situations

A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.or cause damage to hardware, firmware, software, or data. DANGER Brocade resources Visit the Brocade website

DANGER

Brocade resources

Visit the Brocade website to locate related documentation for your product and additional Brocade resources.

You can download additional publications supporting your product at www.brocade.com. Select the Brocade Products tab to locate your product, then click the Brocade product name or image to open the individual product page. The user manuals are available in the resources module at the bottom of the page under the Documentation category.

To get up-to-the-minute information on Brocade products and resources, go to MyBrocade . You can register at no cost to obtain a user ID and password.

Release notes are available on MyBrocade under Product Downloads.

White papers, online demonstrations, and data sheets are available through the Brocade website.

Contacting Brocade Technical Support

As a Brocade customer, you can contact Brocade Technical Support 24x7 online, by telephone, or by e-mail. Brocade OEM customers contact their OEM/Solutions provider.

Brocade customers

For product support information and the latest information on contacting the Technical Assistance Center, go to http:// www.brocade.com/services-support/index.html.

If you have purchased Brocade product support directly from Brocade, use one of the following methods to contact the Brocade Technical Assistance Center 24x7.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Preface

Online

Telephone

E-mail

Preferred method of contact for non-urgent issues:

Required for Sev 1-Critical and Sev 2-High issues:

Please include:

My Cases through MyBrocade

Continental US: 1-800-752-8061

Problem summary

Serial number

Software downloads and licensing tools

Europe, Middle East, Africa, and Asia Pacific: +800-AT FIBREE (+800 28 34 27 33)

Installation details

For areas unable to access toll free number: +1-408-333-6061

Environment description

Toll-free numbers are available in many countries.

Brocade OEM customers

If you have purchased Brocade product support from a Brocade OEM/Solution Provider, contact your OEM/Solution Provider for all of your product support needs.

OEM/Solution Providers are trained and certified by Brocade to support Brocade ® products.

Brocade provides backline support for issues that cannot be resolved by the OEM/Solution Provider.

Brocade Supplemental Support augments your existing OEM support contract, providing direct access to Brocade expertise. For more information, contact Brocade or your OEM.

For questions regarding service levels and response times, contact your OEM/Solution Provider.

Document feedback

To send feedback and report errors in the documentation you can use the feedback form posted with the document or you can e-mail the documentation team.

Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. You can provide feedback in two ways:

Through the online feedback form in the HTML documents posted on www.brocade.com.

By sending your feedback to documentation@brocade.com.

Provide the publication title, part number, and as much detail as possible, including the topic heading and page number if applicable, as well as your suggestions for improvement.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Preface

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Fabric OS password recovery notes

Password recovery overview

9

Password recovery using root account

9

Password recovery overview

Several methods exist for recovering passwords on a Brocade Fabric OS switch or director. The correct approach depends on the version of Fabric OS you are using, which passwords you have, and on the hardware platform you are using.

When attempting to recover a password through a serial cable to the console, always save the output by using the capture functionality under Windows, or the script functionality for UNIX or Linux.

Table 1 lists the procedures described in this document and the conditions under which you would use each procedure to recover passwords. These conditions are a combination of Fabric OS version and account access availability.

TABLE 1 Password recovery procedures and when to use them

Condition (Fabric OS version and account access availability)

Use these procedures

Access to root account on any supported version of Fabric OS

Password recovery using root account on page 9.

Fabric OS 7.x or 8.x

Password recovery using the Boot PROM interface on page 11.

No root account access

Boot PROM interface access

Fabric OS 7.x or 8.x

Obtaining the boot PROM recovery password on page 12, and then Password recovery using the Boot PROM interface on page 11.

No root account access

No Boot PROM interface access

 

Password recovery for Fabric OS 4.x and later

When running Fabric OS 4.x or later, having access to the root account permits you to reset the passwords for all other accounts on the system, including the factory, admin, and user accounts. Admin can reset only the user login. See Password recovery using root account on page 9.

If you do not have access to the root account, you can use the boot PROM method. This option is available only on Fabric OS 4.1 or later. See Password recovery using the Boot PROM interface on page 11. If the password is set on the boot PROM and is unknown, contact your switch service provider for a Boot PROM recovery string to regain access to the switch. See Obtaining the boot PROM recovery password on page 12.

Password recovery using root account

If you have access to the root account, you can reset the passwords on the switch to their factory defaults. This feature is available for all currently supported versions of Fabric OS.

To reset any account password from the root account, complete the following steps.

1. Open a CLI session (by means of a serial connection or Telnet for an unsecured system and SSH or secTelnet for a secure system) to the switch.

2. Log in as root.

3. At the prompt, enter passwddefault .

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

4. The passwords are reset to their factory default values.

The following example illustrates this procedure.

Fabric OS password recovery notes

switch:login> root password: ******** Disclaimer for Root and Factory Accounts Usage! This Fibre Channel switch is equipped with Root and Factory accounts that are intended for diagnostics and debugging purposes solely by the Equipment vendor's trained engineers. Improper use of the functionality made available through the Root or Factory account could cause significant harm and disruption to the operation of the SAN fabric. Your use of the functionality made available through the Root or Factory account is at your sole risk and you assume all liability resulting from such use. The Equipment vendor shall have no liability for any losses or damages arising from or relating to the use of the Root or Factory account (and the functionality enabled thereby) by anyone other than the Equipment vendor's authorized engineers. Proceeding with the usage of this switch as the Root or Factory user explicitly indicates your agreement to the terms of this disclaimer. switch:root> passwddefault Password policies are already set to default. All account passwords have been successfully set to factory default.

NOTE In Fabric OS 8.0.1, the passwddefault command prompts the user to confirm execution. Therefore, the output may vary from earlier versions.

5. Once the passwords have been reset, log into the switch as admin and change the default account passwords.

Make sure to keep a written copy of your switch passwords in a secure location. Table 2 lists the default passwords for Fabric OS switches, and provides a place for you to log your new ones.

TABLE 2 Default passwords

Account

Default password

New Password

factory

shuntang (older switches)

 

password (newer switches)

root

fibranne

 

admin

password

 

user

password

 

NOTE The 'factory' account is not available in Fabric OS 8.0.1 or later.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

Password recovery using the Boot PROM interface

11

Password recovery procedure: quick reference

13

Password recovery procedure for Brocade 6505, 6510, and 6520 switches

14

Password recovery procedure for Brocade DCX 8510-8 and DCX 8510-4

16

Password recovery procedure for the Brocade 7840 switch or Brocade Analytics Monitoring Platform

18

Password recovery procedure for Brocade G620 switch

20

Password recovery procedure for Brocade X6-8 and X6-4 Directors

21

Password recovery using the Boot PROM interface

21 Password recovery using the Boot PROM interface CAUTION Enter commands at the boot PROM interface

CAUTION Enter commands at the boot PROM interface exactly as shown. Incorrectly entered commands at the boot PROM interface can render your switch unstable or unusable. To recover, you will need to seek help from your switch service provider or return the switch to the factory for repair.

You can use this procedure if you need to recover passwords on a device running Fabric OS 7.x or 8.x and the root account is not accessible. If the root account is accessible, use Password recovery using root account on page 9, instead.

To use this procedure, you must have access to the Boot PROM interface; that is, the Boot PROM password must be either available or not set. If you do not have access to the Boot PROM interface, use Obtaining the boot PROM recovery password on page 12 before using this procedure.

The specific steps required to recover passwords using the Boot PROM interface depend on several factors, including the following:

The Boot ROM environment: Two Boot ROM environments exist, the original “440” processor types and the newer Freescale processor type, which uses U-Boot.

Location of the Linux kernel: On earlier products, the Linux kernel was maintained on separate hardware chips. For these products, these procedures make references to MEM()0xF00000000. Later products place the kernel on the compact flash. For these products, these procedures make references to ATA()0xb689f type structures.

Whether the platform has a single Command Processor (CP) or has active and standby CPs, as follows:

This

procedure is disruptive to traffic on the 300, 3250, 3850, 3900, 4100, 200E, 4900, 5000, 5100, 5300,

VA-40FC, 6505, 6510, 6520, 6530, 7500, 7600, Brocade 7840 Extension Switch, and Brocade G620 switches as well

as the Brocade Encryption Switch and Brocade Analytics Monitoring Platform, because it requires you to reboot the switch; traffic will resume after the switch is rebooted.

This

procedure is not disruptive to traffic on the Brocade 12000, 24000, and 48000 directors, or the DCX, DCX-4S,

DCX

8510-4, DCX 8510-8, X6-4, and X6-8 Directors, as you can reset the passwords on the standby CP first, and then

updating the active CP. To reset the passwords on the active CP from the standby CP, extra steps are necessary to communicate with the active CP. These are documented in the appropriate procedures.

Throughput of the switch or Director: 8 Gbps devices, including the Brocade 300, 5100, 5300, DCX, and DCX-4S devices, require the creation of a temporary boot environment variable. This is documented in the appropriate procedures.

Table 3 lists the combinations. Each combination has a separate password recovery procedure.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

TABLE 3 Factor combinations and associated Brocade devices

Password recovery using the Boot PROM interface

Factor combinations

Associated Brocade Fabric OS devices

ATA()0xa64g

Brocade 7840 Extension Switch and Brocade Analytics Monitoring Platform

U-Boot ROM

Active CP

16 Gbps platform

ATA()0xa64g

Brocade DCX, DCX-4S, DCX 8510-4, DCX 8510-8, X6-4, and X6-8

U-Boot ROM

Active and standby CPs

8 and 16 Gbps platforms

ATA()0xa64g

Brocade 300, 5100, 5300, 6505, 6510, 6520, 6530, Brocade Encryption Switch, VA-40FC, and G620

U-Boot ROM

Single CP

8 and 16 Gbps platforms

ATA()0xa64g

Brocade 200E, 4900, 5000, 7500, 7600

Original Boot ROM

Single CP

MEM()0xF0000000

Brocade 12000, 24000, 48000

Original Boot ROM

Active and backup CPs

MEM()0xF0000000

Brocade 3250, 3850, 3900, 4100

Original Boot ROM

Single CP

The following links provide detailed procedures for performing password recovery on each group of related devices, as well as a quick reference for advanced users who need only a reminder of the basic steps.

Password recovery procedure: quick reference on page 13.

Password recovery procedure for Brocade 6505, 6510, and 6520 switches on page 14.

Password recovery procedure for Brocade DCX 8510-8 and DCX 8510-4 on page 16.

Password recovery procedure for the Brocade 7840 switch or Brocade Analytics Monitoring Platform on page 18.

Password recovery procedure for Brocade G620 switch on page 20.

Password recovery procedure for Brocade X6-8 and X6-4 Directors on page 21.

Obtaining the boot PROM recovery password

This procedure explains how to gather the information you need to get a Boot PROM recovery password when you do not have the Boot PROM password, or when the Boot PROM password is not known. It applies to devices running Fabric OS version 4.1.x or later.

To obtain the Boot PROM recovery password from your switch support provider, complete the following steps:

1. Connect to the serial port of the switch or standby CP using a terminal emulator.

2. Reboot the switch or standby CP blade.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

3. Press Esc within four seconds following the message "Press escape within 4 seconds

1) Start system. 2) Recover password. 3) Enter command shell. Option?

".

The following prompt appears:

4. Enter 2 at the prompt. A character string is displayed as shown in the following example:

Option? 2 Send the following string to Customer Support for password recovery:

00uasLR1raCqT3FToqy0ZjA== <-- String you must send to your support provider

5. Send the string to your switch support provider to obtain the Boot PROM recovery password for this device.

6. When you receive the Boot PROM recovery password for this device from your switch support provider, perform the following steps to set the Boot PROM password.

7. Follow steps 1-3 above, but enter 3 at the prompt.

Recovery password is NOT set. Please set it now.

8. Enter the Recovery Password you received from your support provider when prompted, and then reenter it when prompted.

Enter the supplied recovery password. Recovery Password: 00uasLR1raCqT3FToqy0ZjA== <-- Supplied by your support provider Re-enter Recovery Password: 00uasLR1raCqT3FToqy0ZjA==

9. At the "New password:" prompt, enter the password you want to be the new Boot PROM password and reenter it when prompted. This is not the same as the recovery password.

New password: xxx Re-enter new password: xxx

10. Record the new Boot PROM password for future reference.

Boot PROM password

The boot process continues to a normal FOS login prompt. However, the passwords for the root and admin accounts are now unknown. To set the root and admin passwords, follow the appropriate set of instructions for your device as listed in Password recovery using the Boot PROM interface on page 11. Once you have completed this procedure, your switch will be back in operational mode.

Removing the boot PROM password

To remove the boot PROM password, complete the following steps.

1. Log into the switch as root.

2. Enter resetPw to clear the boot PROM password usage.

3. Enter saveEnv . Passwords will no longer be required for Boot PROM access.

Password recovery procedure: quick reference

Advanced users who need only a reminder of the basic steps can use this quick reference to recover passwords.

1. Connect to the switch serial port using a terminal emulator.

2. Power-cycle the switch.

3. When prompted to stop test or stop AutoBoot, press Esc .

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

4. Select the "Enter command shell" option. (Usually option 3 .)

5. Enter setenv OSLoadOptions "single".

6. Enter boot.

7. Enter mount -o remount,rw,noatime /

8. Enter mount/dev/hda1 /mnt

Password recovery using the Boot PROM interface

For this step, choose the second parameter for OSRootPartition shown in the printenv output above.

9. Enter /etc/init.d/network start

This step is required only for devices with both active and standby CPs.

10. Enter /sbin/passwddefault

On some platforms, this step during password recovery attempt via bootprom may display error messages such as Raslog Module Initialization failed rc=-1 fabsys device open: No such device or address. This message may be ignored as long as the message All account passwords have been successfully set to factory default. appears in response to this command.

11. Enter bootenv OSLoadOptions "quiet;quiet"

12. Enter reboot -f

Traffic flow will resume when the switch completes rebooting.

Password recovery procedure for Brocade 6505, 6510, and 6520 switches

To recover a password on a Brocade 6505, 6510, and 6520 switches, complete the following procedure.

1. Establish a connection to the Command Processor (CP) through the switch serial port using a terminal emulator.

2. Power-cycle the switch.

3. When prompted to stop test or stop AutoBoot, press Esc. The Boot PROM menu is displayed with the following options:

Start system: Reboots the system.

Recover password: Generates a character string for your support provider to recover the Boot PROM password. Use this feature only when directed by technical support personnel.

Enter command shell: Opens a command shell so you can reset all system passwords.

The reboot will look similar to the following:

Checking system RAM - press any key to stop test Checking memory address: 00100000 System RAM test terminated by keyboard set_bootstatus: BS_LOAD_OS, platform_idx = 6 Hit ESC to stop autoboot: 0 1) Start system. 2) Recover password. 3) Enter command shell. Option?

4. Enter 3 to open a command shell.

5. If the Boot PROM password has been set, you are prompted to enter it.

The Boot PROM has a password only if one was defined. If the Boot PROM password has not been set, you will not be prompted to enter one.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

ATTENTION If you are prompted to enter a new Boot PROM password, make sure it is at least 8 characters in length. Do not select this option unless specifically instructed by support personnel.

6. Enter setenv OSLoadOptions "single" to change the OSLoadOptions setting so that the switch will boot into single-user mode.

=> setenv OSLoadOptions "single"

7. Enter printenv to verify the change.

The following example highlights the field whose value you need to note.

=> printenv AutoLoad=yes BootromVerbose=no InitTest=MEM() LoadIdentifiers=Fabric Operating System;Fabric Operating System OSLoadOptions=single <--- indicates the switch will boot into single-user mode (output truncated)

8. Enter saveenv to save the changes.

=> saveenv Saving Environment to Flash

Done

9. Enter boot with no parameters to bring up the device in single-user mode.

=> boot Map file at LBA sector 0x17da68 ## Booting image at 00400000 (output truncated)

10. Enter mount -o remount,rw / to remount the root partition as capable of read/write operations.

sh-2.04# mount -o remount,rw / EXT3 FS on hda1, internal journal

11. Use the mount command to mount the secondary partition.

If the mount command in the previous step returns hda2, then use hda1 in this command. If the previous command returns hda1, use hda2.

sh-2.04# mount /dev/hda2 /mnt kjournald starting. Commit interval 5 seconds EXT3 FS on hda2, internal journal EXT3-fs: mounted filesystem with ordered data mode.

12. Enter /sbin/passwddefault to reset all passwords to default values.

sh-2.04# /sbin/passwddefault All account passwords have been successfully set to factory default.

ATTENTION If additional user accounts existed, they are deleted. Only the default accounts and passwords remain.

On some platforms, this step during password recovery attempt via bootprom may display error messages such as Raslog Module Initialization failed rc=-1 fabsys device open: No such device or address. These message may be ignored as long as the message All account passwords have been successfully set to factory default. appears in response to this command.

13. Enter bootenv OSLoadOptions "quiet;quiet" to reset the OSLoadOptions to “quiet;quiet”.

14. Enter reboot -f to reboot the switch.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Traffic flow resumes when the switch completes rebooting.

Password recovery using the Boot PROM interface

15. Once the switch has completed rebooting, use a Telnet, serial, or SSH connection to log in as admin to the active CP and set new passwords for all accounts.

This completes the password recovery procedure for these switches.

Password recovery procedure for Brocade DCX 8510-8 and DCX 8510-4

This procedure requires you to connect to the serial port of the switch standby Command Processor (CP) blade. To determine which CP blade is the standby, use the “active” LED to identify the active CP blade. The standby CP blade will be the other CP blade.

1. Establish a connection to the serial port of the standby CP blade using a terminal emulator.

2. Power-cycle the standby CP blade using the physical slider switch on that CP blade.

3. When prompted to stop test or stop AutoBoot, press Esc. The Boot PROM menu is displayed with the following options:

Start system: Reboots the system.

Recover password: Generates a character string for your support provider to recover the Boot PROM password. Use this feature only when directed by technical support personnel.

Enter command shell: Opens a command shell so you can reset all system passwords.

The reboot will look similar to the following:

Checking system RAM - press any key to stop test Checking memory address: 00100000 System RAM test terminated by keyboard set_bootstatus: BS_LOAD_OS, platform_idx = 6 Hit ESC to stop autoboot: 0 1) Start system. 2) Recover password. 3) Enter command shell. Option?

4. Enter 3 to open a command shell.

5. If the Boot PROM password has been set, you are prompted to enter it.

The Boot PROM has a password only if one was defined. If the Boot PROM password has not been set, you will not be prompted to enter one.

ATTENTION If you are prompted to enter a new Boot PROM password, make sure it is at least 8 characters in length. Do not select this option unless specifically instructed by support personnel.

6. Enter setenv OSLoadOptions "single" to change the OSLoadOptions setting so that the switch boots into single-user mode.

7. Enter printenv to verify the change.

The following example highlights the field whose value you need to note.

=> printenv AutoLoad=yes BootromVerbose=no InitTest=MEM() LoadIdentifiers=Fabric Operating System;Fabric Operating System OSLoadOptions=single <--- indicates the switch will boot into single-user mode (output truncated)

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

8. Enter saveenv to save the changes:

=> saveenv Saving Environment to Flash

Done

Password recovery using the Boot PROM interface

9. Enter boot with no parameters to bring up the device in single-user mode.

=> boot ATA device vendor STI Flash 8.0.0, product STI1M73108114125534, revision 01/17/07 Map file at LBA sector 0x5003f (output truncated)

10. Enter mount -o remount,rw/ to remount the root partition as capable of read/write operations.

sh-2.04# mount -o remount,rw / EXT3 FS on hda1, internal journal

11. Enter mount /dev/hda2 /mnt command to mount the secondary partition.

If the mount command in the previous step returns hda2, then use hda1 in this command. If the previous command returns hda1, use hda2.

sh-2.04# mount /dev/hda2 /mnt kjournald starting. Commit interval 5 seconds EXT3 FS on hda2, internal journal EXT3-fs: recovery complete. EXT3-fs: mounted filesystem with ordered data mode.

12. The following commands must be done using the serial connection to the standby CP blade.

a) Enter /bin/cat /etc/hosts to view the /etc/hosts file and determine the CP hostnames.

sh-2.04# /bin/cat /etc/hosts 127.0.0.1 localhost

10.64.148.23 swd77 #sw0 255.255.240.0

10.64.148.24 swd76 #sw1 255.255.240.0

10.64.128.25 mycp0 #cp0 255.255.240.0 <--- CP0 SLOT 5

10.64.148.26 cp1 #cp1 255.255.240.0 <--- CP1 SLOT 6

0.0.0.0

#fc0 0.0.0.0

0.0.0.0

#fc1 0.0.0.0

10.0.0.5

cp_0_inteth #cp_0_internaleth

10.0.0.6

cp_1_inteth #cp_1_internaleth

NOTE The hostnames for CP0 and CP1 are user-definable, and are different for each installation.

b) Use the hostname displayed in the previous step to set the appropriate hostname for the standby CP. In this example the standby CP is “mycp0”.

sh-2.04# hostname mycp0

c) Enter /etc/init.d/network start to start networking on the standby CP and enable communication with the active CP.

d) On the standby CP, enter rsh followed by the IP address of the active CP and then /sbin/passwddefault to reset the active CP passwords.

For DCX 8510-8 Director:

If the standby CP card is in slot 6 (CP0), enter the following command:

sh-2.04# rsh 127.1.1.8 /sbin/passwddefault

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

On some platforms, this step during password recovery attempt via bootprom may display error messages such as Raslog Module Initialization failed rc=-1 fabsys device open: No such device or address. These message may be ignored as long as the message All account passwords have been successfully set to factory default. appears in response to this command.

If the standby CP card is in slot 7 (CP1), enter the following command:

sh-2.04# rsh 127.1.1.7 /sbin/passwddefault

For DCX 8510-4 Director:

If the standby CP card is in slot 4 (CP0), enter the following command:

sh-2.04# rsh 127.1.1.6 /sbin/passwddefault

If the standby CP card is in slot 5 (CP1), enter the following command:

sh-2.04# rsh 127.1.1.5 /sbin/passwddefault

e) Enter bootenv OSLoadOptions "quiet;quiet" to reset the OSLoadOptions to “quiet;quiet”.

f) Enter reboot -f to reboot the switch.

Traffic flow resumes when the switch completes rebooting.

13. Once the switch has completed rebooting, use a Telnet, serial, or SSH connection to log in as admin to the active CP and set new passwords for all accounts.

This completes the password recovery procedure for these switches.

Password recovery procedure for the Brocade 7840 switch or Brocade Analytics Monitoring Platform

To recover a password on a Brocade 7840 switch or Brocade Analytics Monitoring Platform, complete the following procedure.

1. Establish a connection to the Command Processor (CP) through the switch serial port using a terminal emulation program.

2. Power-cycle the switch.

3. When you see the message “Press escape within 4 seconds following options:

”,

press Esc. The Boot PROM menu is displayed with the

Start system: Reboots the system.

Recover password: Generates a character string for your support provider to recover the Boot PROM password. Use this feature only when directed by technical support personnel.

Enter command shell: Opens a command shell so you can reset all system passwords.

The reboot will look similar to the following:

Checking system RAM - press any key to stop test Checking memory address: 00100000 System RAM test terminated by keyboard set_bootstatus: BS_LOAD_OS, platform_idx = 6 Hit ESC to stop autoboot: 0 1) Start system. 2) Recover password. 3) Enter command shell. Option?

4. Enter 3 to open a command shell.

5. If the Boot PROM password has been set, you are prompted to enter it.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

The Boot PROM has a password only if one was defined. If the Boot PROM password has not been set, you will not be prompted to enter one.

ATTENTION If you are prompted to enter a new Boot PROM password, make sure it is at least 8 characters in length. Do not select this option unless specifically instructed by support personnel.

6. Enter setenv bootargs 'root=/dev/sda$prt rootfstype=ext4 quiet single'.

This sets the switch so that the switch boots into single-user mode.

7. Enter printenv to verify the change.

The following example highlights the field whose value you need to note.

=> printenv AutoLoad=yes InitTest=MEM() OSLoadOptions=quiet

OSRootPartition=sda1;sda2

SkipWatchdog=yes bootargs=root=/dev/sda1 rootfstype=ext4 quiet single bootcmd=run linux_bootcmd

bootdelay=5

devinit=usb reset 0 devname=sda

eth1addr=00:05:33:65:A1:C3

eth2addr=ac:de:48:00:00:02

ethact=FM1@DTSEC2

ethaddr=00:05:33:65:A1:C3

ethrotate=no fastboot=true

gatewayip=10.38.32.1

gosaddr=0x78000000

goscmd=ext2load usb 0:$prt $gosaddr boot/zImage.tree.initrd

ipaddr=10.38.37.160

linux_bootcmd=makesinrec 0x01000000;ext2load usb 0:$prt 0x4000000 boot/silkworm.dtb;ext2load usb 0:$prt 0x2000000 boot/zImage.tree.initrd;bootm 0x2000000 - 0x4000000

netmask=255.255.240.0

prt=1

recovery_bootcmd=tftp 0x5000000 HiBootWdCntRecover_mm.scr;source 0x5000000

serverip=10.38.2.40

submask=255.255.240.0

syslock_debug=0

8. Enter saveenv to save the changes:

=> saveenv Saving Environment to Flash

Done

9. Enter boot with no parameters to bring up the device in single-user mode.

=> boot ATA device vendor STI Flash 8.0.0, product STI1M73108114125555, revision 01/17/14 Map file at LBA sector 0x50088 (output truncated)

10. Enter mount -vo remount,rw,noatime / to remount the root partition as capable of read/write operations.

sh-2.04# mount -vo remount,rw,noatime / /dev/root on / type ext4 (rw,noatime)

11. Use the mount /dev/sda2 /mnt command to mount the secondary partition.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

If the printenv command in step 7 returns prt value as 1, then use sda2 in this command. If the prt value is 2 from step 7, use

sda1.

sh-2.04# mount /dev/sda2 /mnt sh-2.04# mount /dev/sda1 /mnt

sh-2.04# mount /dev/root on / type unknown (rw,noatime) none on /proc type proc (rw) none on /sys type sysfs (rw) none on /dev/pts type devpts (rw,mode=620) none on /tmp type ramfs (rw) /dev/sda1 on /mnt type ext4 (rw,noatime) /dev/sda2 on /mnt type ext3 (rw)

12. Enter /sbin/passwddefault to reset all passwords to default values.

On some platforms, this step during password recovery attempt via bootprom may display error messages such as Raslog Module Initialization failed rc=-1 fabsys device open: No such device or address. These message may be ignored as long as the message All account passwords have been successfully set to factory default. appears in response to this command.

13. Enter setenv bootargs 'root=/dev/sda$prt rootfstype=ext4 quiet' to reset the OSLoadOptions to “quiet”.

Traffic flow resumes when the switch completes rebooting.

14. Once the switch has completed rebooting, use a Telnet, serial, or SSH connection to log in as admin to the active CP and set new passwords for all accounts.

This completes the password recovery procedure for this switch.

Password recovery procedure for Brocade G620 switch

To recover a password on a Brocade G620 switch, follow these steps:

1. Establish a connection to the Command Processor (CP) through the switch serial port using a terminal emulation program.

2. Power-cycle the switch.

3. When you see the message “Press escape within 4 seconds following options:

”,

press Esc. The Boot PROM menu is displayed with the

Start system: Reboots the system.

Recover password: Generates a character string for your support provider to recover the Boot PROM password. Use this feature only when directed by technical support personnel.

Enter command shell: Opens a command shell so you can reset all system passwords.

The reboot will look similar to the following:

Checking system RAM - press any key to stop test Checking memory address: 00100000 System RAM test terminated by keyboard set_bootstatus: BS_LOAD_OS, platform_idx = 6 Hit ESC to stop autoboot: 0 1) Start system. 2) Recover password. 3) Enter command shell. Option?

4. Enter 3 to open a command shell.

5. If the Boot PROM password has been set, you are prompted to enter it.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

The Boot PROM has a password only if one was defined. If the Boot PROM password has not been set, you will not be prompted to enter one.

ATTENTION If you are prompted to enter a new Boot PROM password, make sure it is at least 8 characters in length. Do not select this option unless specifically instructed by support personnel.

6. Enter setenv bootargs "root=/dev/sda$prt rootfstype=ext4 console=ttyS0,9600 quiet single" .

This sets the switch so that the switch boots into single-user mode.

7. Enter saveenv to save the changes:

=> saveenv Saving Environment to Flash

Done

8. Enter printenv to verify prt value.

9. Enter boot with no parameters to bring up the device in single-user mode.

10. Enter mount -vo remount,rw,noatime/ to remount the root partition as capable of read/write operations.

sh-2.04# mount -vo remount,rw,noatime / /dev/root on / type ext4 (rw,noatime)

11. Use the mount /dev/sda2 /mnt command to mount the secondary partition.

If the printenv command in step 8 returns prt value as 1, then use sda2 in this command. If the prt value is 2 from step 8, use

sda1.

12. Enter /sbin/passwddefault to reset all passwords to default values.

sh-2.04# /sbin/passwddefault

On some platforms, this step during password recovery attempt via bootprom may display error messages such as Raslog Module Initialization failed rc=-1 fabsys device open: No such device or address. These message may be ignored as long as the message All account passwords have been successfully set to factory default. appears in response to this command.

13. Enter bootenv to verify prt value.

14. Enter setenv bootargs 'root=/dev/sda1 rootfstype=ext4 quiet console=ttyS0,9600' to reset the OSLoadOptions to “quiet”.

If the prt value is 1 from the previous step, then use sda1 in this command. If the prt value is 2 from the previous step, use sda2.

Traffic flow resumes when the switch completes rebooting.

15. Once the switch has completed rebooting, use a Telnet, serial, or SSH connection to log in as admin to the active CP and set new passwords for all accounts.

This completes the password recovery procedure for this switch.

16. Enter reboot -f to reboot the switch.

This completes the password recovery procedure for this switch.

Password recovery procedure for Brocade X6-8 and X6-4 Directors

This procedure requires you to connect to the serial port of the switch standby Command Processor (CP) blade. To determine which CP blade is the standby, use the “active” LED to identify the active CP blade. The standby CP blade will be the other CP blade.

1. Establish a connection to the serial port of the standby CP blade using a terminal emulator.

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

Use one of the following methods to determine the standby CP:

Use the haShow command if you have the appropriate passwords.

Use the active LED to identify the active and standby CPs.

2. Power-cycle the standby CP blade using the physical slider switch on that CP blade.

3. When prompted to stop test or stop AutoBoot, press Esc. The Boot PROM menu is displayed with the following options:

Start system: Reboots the system.

Recover password: Generates a character string for your support provider to recover the Boot PROM password. Use this feature only when directed by technical support personnel.

Enter command shell: Opens a command shell so you can reset all system passwords.

The reboot will look similar to the following:

Checking system RAM - press any key to stop test Checking memory address: 00100000 System RAM test terminated by keyboard set_bootstatus: BS_LOAD_OS, platform_idx = 6 Hit ESC to stop autoboot: 0 1) Start system. 2) Recover password. 3) Enter command shell. Option?

4. Enter 3 to open a command shell.

5. If the Boot PROM password has been set, you are prompted to enter it.

The Boot PROM has a password only if one was defined. If the Boot PROM password has not been set, you will not be prompted to enter one.

ATTENTION If you are prompted to enter a new Boot PROM password, make sure it is at least 8 characters in length. Do not select this option unless specifically instructed by support personnel.

6. Enter setenv bootargs 'root=/dev/sda$prt rootfstype=ext4 console=ttyS0,9600 quiet single'.

This sets the switch so that the switch boots into single-user mode.

7. Enter saveenv to save the changes:

=> saveenv Saving Environment to Flash

Done

8. Enter printenv to verify the change.

9. Enter boot with no parameters to bring up the device in single-user mode.

10. Enter mount -vo remount,rw,noatime / to remount the root partition as capable of read/write operations.

sh-2.04# mount -vo remount,rw,noatime / /dev/root on / type ext4 (rw,noatime)

11. Use the mount /dev/sda2 /mnt command to mount the secondary partition.

If the printenv command in step 8 returns prt value as 1, then use sda2 in this command. If the prt value is 2 from step 8, use

sda1.

12. The following commands must be done using the serial connection to the standby CP blade.

a) Enter /etc/init.d/network start to start networking on the standby CP and enable communication with the active CP.

sh-2.04# /etc/init.d/network start

Brocade Fabric OS Password Recovery Notes, 8.0.1

FOR BROCADE INTERNAL USE ONLY

Password recovery using the Boot PROM interface

b) On the standby CP, enter rsh followed by the IP address of the active CP and then /sbin/passwddefault to reset the active CP passwords.

For X6 Directors:

If the standby CP card is in slot 2 (CP1), enter the following command:

sh-2.04# rsh 127.3.1.1 /sbin/passwddefault

On some platforms, this step during password recovery attempt via bootprom may display error messages such as Raslog Module Initialization failed rc=-1 fabsys device open: No such device or address. These message may be ignored as long as the message All account passwords have been successfully set to factory default. appears in response to this command.

If the standby CP card is in slot 1(CP0), enter the following command:

sh-2.04# rsh 127.3.1.2 /sbin/passwddefault

13. Enter bootenv to verify prt value.

14. Enter bootenv bootargs "root=/dev/sda1 rootfstype=ext4 quiet console=ttyS0,9600" to reset the OSLoadOptions to “quiet”.

If the prt value is 1 from the previous step, then use sda1 in this command. If the prt value is 2 from the previous step, use sda2.

Traffic flow resumes when the switch completes rebooting.

15. Enter reboot -f to reboot the switch.

This completes the password recovery procedure for this switch.

NOTE In Fabric OS 8.0.1 or later, the 'root' account will be disabled by default after executing passwddefault. Login as 'admin' to enable 'root' account and change the root access to the appropriate access level.

Brocade Fabric OS Password Recovery Notes, 8.0.1