华为交换机重置密码案例
作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
马上到年底了,请假一个星期的同事毫无征兆的就离职了,由于他的离职,本来负责系统运维的我还得接过来网络的活,现在我就得负责系统和网络安全还有设备调试都瞬间压在了我的肩膀上,索性的是我早已习惯这样的事情,已经见怪不怪了。这不,领导得派我去高碑店分院调试网络设备,工作主要部分就是将亦庄到高碑店专线调试成功,让高碑店的员工可以通过专线访问亦庄总部的OA系统。
你们是没有见过高碑店需要运维的那种眼神啊,看见我过去了各种找你的感觉,“正杰,我们打印机连接不上啦”,“正杰,我们部门文件没法共享啦”,“正杰,我们高碑店OA啥时候能好啊,都等了好久啦...”,没法,只能硬着头皮说等我处理完手上的活就去帮他们弄,配置完前楼的核心之后就去后楼配置核心交换机,发现接入层交换机都被贾工(我司前任网络工程师)加密过了,通过console也无法进入交换机终端,打电话询问相关信息说他自己也忘记了,没法,我就得自己想法解决了,于是百度找到华为客服电话,联系到技术,帮我破解了密码。
其实破解密码的过程很简单,原来就是3分钟的事情,大家要是遇到类似的问题,也可以直接打客服寻味如何破解密码即可,在这里我这是给大家说一个遇到问题的解决思路,硬件遇到问题了就找厂家就好~哈哈哈,具有操作如下:(华为交换机默认密码:Admin@huawei.com)
破解密码的过程需要你重启你的交换机,然后按住Ctrl+B键进入设备维护模式:
1 Password is wrong, system will reboot ... 2 3 4 BIOS loading ... 5 Start memory test ? ('Ctrl+T' is test): ... 0 6 Copyright (c) 2011-2015 HUAWEI TECH CO., LTD. 7 Basic BootROM version : 0208.0001 Compiled at Jun 2 2015, 21:35:58 8 Current flash file system : DosFs 9 flash:/ - Volume is OK 10 11 Press Ctrl+B or Ctrl+E to enter BootROM menu ... 3 12 password: #默认密码,Admin@huawei.com 13 The default password is used now. Change the password. 14 15 BootROM MENU 16 17 1. Boot with default mode 18 2. Enter serial submenu 19 3. Enter startup submenu 20 4. Enter ethernet submenu 21 5. Enter filesystem submenu 22 6. Enter password submenu 23 7. Clear password for console user 24 8. Reboot 25 (Press Ctrl+E to enter diag menu) 26 27 Enter your choice(1-8): 7 28 29 Note: Clear password for console user? Yes or No(Y/N): y 30 31 Clear password for console user successfully. Choose "1" to boot, then set a new password. 32 Note: Do not choose "8. Reboot" or power off the device, otherwise this operation will not take effect. 33 34 BootROM MENU 35 36 1. Boot with default mode 37 2. Enter serial submenu 38 3. Enter startup submenu 39 4. Enter ethernet submenu 40 5. Enter filesystem submenu 41 6. Enter password submenu 42 7. Clear password for console user 43 8. Reboot 44 (Press Ctrl+E to enter diag menu) 45 46 Enter your choice(1-8): 1 47 48 Loading "flash:/s5700s-p-li-v200r008c00spc500.cc" ......................... done 49 Decompressing VRP software ................................................ done 50 Disk cache flush and invalidate ........................................... done 51 Initializing EPLD interrupt ............................................... done 52 Current flash file system : DosFs 53 flash:/ - Volume is OK 54 55 There is no record in region Exception. 56 57 Start to initialize the LSW ... 58 Initializing LSW .......................................................... done 59 60 Initializing DEV module ................................................... done 61 62 Initializing hardware system .............................................. done 63 Begin to start the system ... 64 65 Registering IPC and VP callback to platform ............................... done 66 67 Initializing VFS ..................................... done 68 Checking startup system-software .......................................... done 69 Reading PAF file .......................................................... done 70 Initializing VOS monitor ............................. done 71 CFM initialization advance ........................... done 72 Initializing PAT ..................................... done 73 Initializing HA ...................................... done 74 VFS registering to HA ................................ done 75 76 VRP root begin ... 77 VRP root end 78 CFG initialization begin ............................. done 79 CFM initialization begin ............................. done 80 CLI initialization begin ............................. done 81 Registering VRP all link command begin ............... done 82 Creating task begin ... 83 Creating task end 84 Task initialization begin ... 85 Task initialization end 86 Cmd registering begin ... 87 Cmd registering end 88 89 Recover configuration begin ... 90 Recover configuration end 91 Press ENTER to get started. #出现这行说明你已经清空密码成功啦!
当我们遇到问题的时候,千万不要慌,因为你的后面还有厂家支持着你,哈哈哈!对了,华为交换机配置远程和H3C配置远程有点不一样,可以参考我的配置华为远程的笔记如下:
1 [gbd-b-f4-002]aaa 2 [gbd-b-f4-002-aaa]local-user yinzhengjie password cipher jiubugaosuni #这里我设置密码为“jiubugaosuni”,用户名为yinzhengjie 3 [gbd-b-f4-002-aaa]local-user yinzhengjie privilege level 15 #这里是授权用户等级,由于咱们是管理员,直接设置成最好的就好 4 [gbd-b-f4-002-aaa]local-user yinzhengjie service-type telnet #这里需要给用户授权访问类型 5 [gbd-b-f4-002-aaa]quit 6 [gbd-b-f4-002]user-interface vty 0 4 #进入远程配置界面 7 [gbd-b-f4-002-ui-vty0-4]authentication-mode aaa 8 [gbd-b-f4-002-ui-vty0-4]user privilege level 15 9 [gbd-b-f4-002-ui-vty0-4]protocol inbound telnet #这一步千万别忘记了哟!不然你是无法通过Telnet远程哟! 10 [gbd-b-f4-002-ui-vty0-4]quit 11 [gbd-b-f4-002]telnet server enable #开启Telnet服务