Resetting Admin or Enable Password - 188金宝搏的网址

一个rubaOS 8.6.0.0Help Center

You are here: Home > Management Access > Radius Server Authentication > Resetting Admin or Enable Password

Resetting Admin Password

This section describes how to reset the password for the default administrator user account (admin) on themanaged device. Use this procedure if the administrator user account password is lost or forgotten.

1.Connect a local console to the serial port on themanaged device.

2.From the console, login into themanaged deviceas a password recovery user. For information, readPassword Recovery user.

3.Enter configuration mode by typing inconfigure terminal.

4.To reset the administrator user account password, use themgmt-user admin rootcommand.

5.Enter a new password for this account and retype the same to confirm.

6.Exit from the configuration mode and the user mode.

If you have defined a management user password policy, make sure that the new password conforms to this policy. For details, see实施具体的管理密码策略.

The following is an example of how to reset the admin password as a default password recovery user. If you have configured an alternate password recovery user, use its credentials to login to thecontroller. The commands in bold type are what you enter:

User:password

Password:forgetme!

(host) #configure terminal

Enter Configuration commands, one per line. End with CNTL/Z

(host) (config) #mgmt-user admin root

Password:********

Re-Type password:********

(host) (config) #exit

(host)#exit

Password Recovery user

一个password recovery user is a management user with root rights that is used to reset the admin password in the event of a lost or forgotten password. Starting with一个rubaOS8.4.0.0, a configurable alternate password recovery user can be created in addition to the default password recovery feature.

Password recovery access using either the default password recovery user or the alternate password recovery user is allowed only through the serial console of a controller.

Password recovery users can be configured only throughSSHSecure Shell. SSH is a network protocol that provides secure access to a remote device.会议和串行康索尔e sessions with a controller and not through WebUI.

一个rubarecommends to enable the default password recovery user before generating and sharing the tech-support logs or configuration files with customer support.

It is recommended that either the default password recovery user is disabled or the alternate password recovery user is configured when setting up the network to ensure. This is to ensure that there are no vulnerabilities.

Default password recovery user

In the event of a lost/forgotten password, the administrator can login to thecontrollerand reset the admin password as the default password recovery user using the usernamepasswordand the passwordforgetme!. The default password recovery user is defined and is enabled by default . Disabling the Default password recovery user is recommended if the network uses aTACACSTerminal Access Controller Access Control System. TACACS is a family of protocols that handles remote authentication and related services for network access control through a centralized server.server to authenticate its management users.

To disable the default password recovery user, execute the following command in the configuration mode:

(host) (config) #password-recovery-disable

To enable the default password recovery user, execute the following command in the configuration mode:

(host) (config) #no password-recovery-disable

一个lternate password recovery user

Starting with一个rubaOS8.4.0.0, an alternate password recovery user with a username and password can be created to reset the admin password. The alternate user’s username can be 16 characters long and the password can be 32 characters long. Configuring the alternate password recovery user automatically disables the default password recovery user. Configuring the alternate password recovery user is highly recommended if the network is managed locally.

The alternate password recovery user will not be shown in the management user section of the WebUI. This user role cannot be configured through the WebUI.

To configure the alternate password recovery user, execute the following command in the configuration mode:

(host) (config) #password-recovery-user

Password:******

Re-Type password:******

To disable the alternate password recovery user, execute the following command in the configuration mode:

(host) (config) #no password-recovery-user

The following is an example to configure the alternate password recovery user:

(host) #configure terminal

Enter Configuration commands, one per line. End with CNTL/Z

(host) (config) #password-recovery-user recadmin

Password:******

Re-Type password:******

(host) (config) #exit

Use theshow mgmt-usercommand to view the configured management users and the status of the default password recovery user.

The following is an example of the show mgmt-user command with the default password recovery user enabled.

(host) #show mgmt-user

Default password recovery user: Enabled

Management User Table

---------------------

用户密码角色地位

---- ------ ---- ------

admin ***** root ACTIVE

The following is an example of the show mgmt-user command when the alternate password recovery user is configured.

(host) #show mgmt-user

Default password recovery user: Disabled

Management User Table

---------------------

用户密码角色地位

---- ------ ---- ------

admin ***** root ACTIVE

recadmin ***** passR ACTIVE

/*]]>*/

Send Feedback