Recover Cisco Catalyst 2960 Switch Password

From ITCwiki

Recover Cisco Catalyst 2960 Switch Password

1. Connect to the console port of the switch a PC with terminal emulating software like Hyperterminal or TeraTerm. The terminal settings are as follows:

◦Bits per second (baud): 9600 
◦Data bits: 8 
◦Parity: None 
◦Stop bits: 1 
◦Flow Control: Xon/Xoff 

2. Power down the switch by unplugging the power cord.

3. Hold down the mode button on the front left side of the switch and plug in the power cord. Do not release the mode button until you see the SYST LED blink amber and then turn solid green. When you release the mode button the SYST LED should blink green. The switch should now be in switch: mode.

4. Enter the flash_init command at the switch: prompt.

switch: flash_init
Initializing Flash...

5. Enter the load_helper command

switch: load_helper

6. Enter the dir flash: command

switch: dir flash:
Directory of flash:/

Output omitted.

4    -rwx  1131      <date>               config.text

This is the configuration file.

5    -rwx  109       <date>               info
6    -rwx  389       <date>               env_vars
7    drwx  640       <date>               html
18   -rwx  109       <date>               info.ver
403968 bytes available (3208704 bytes used)

7. Rename the configuration file by entering rename flash:config.text flash:config.old. The config.text file is the file that contains the password definition.

switch: rename flash:config.text flash:config.old

8. Reboot the switch by entering the boot command.

switch: boot
Loading "flash:...

9. When the switch is done reloading the ---System Configuration Dialog---' will appear in the output. Answer no or press ctrl-c to leave the system configuration dialog.

--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n 
Press RETURN to get started.

10. Enter enable to go into enable mode on the switch.


11. Rename the configuration file back to its orginal name by entering rename flash:config.old flash:config.text and press enter when the message appears Destination filename [config.text].

Switch#rename flash:config.old flash:config.text
Destination filename [config.text] 

12. Copy the configuration file into memory by entering copy flash:config.text system:running-config. Press enter to verify.

Switch#copy flash:config.text system:running-config
Destination filename [running-config]? 

Now the old configuration is loaded into RAM.

13. At this point you can reassign all of the passwords you don't know by entering global configuration mode and entering the following commands:

Sw1# conf t
Sw1(config)#enable secret <new_secret_password>
Sw1(config)#enable password <new_enable_password>
Sw1(config)#line vty 0 15
Sw1(config-line)#password <new_vty_password>
Sw1(config-line)#line con 0
Sw1(config-line)#password <new_console_password>

14. Save the running configuration to the startup configuration by entering either write memory or copy running-config startup-config.

Sw1#write memory
Building configuration...

You have reset your passwords without losing your configuration.