Password Recovery – Nexus 5548

Posted on by Tom Kacprzynski

Recently I had to recover the admin password on the Nexus 5548. The Cisco doc was a little bit uncleared so I figured I’ll make some notes on it.

First thing reboot the switch. The power supplies on these don’t have a on/off switch so you’ll have to pull the power cable.

When you see the output of “Loading system…” press the break command sequence Ctrl+]. This will bring you into the boot mode:

 

Version 2.00.1201. Copyright (C) 2009 American Megatrends, Inc.
Booting kickstart image: bootflash:/n5000-uk9-kickstart.5.2.1.N1.1b.bin....
...............................................................................
........................Image verification OK

INIT: I2C - Mezz absent
Starting system POST.....
  Executing Mod 1 1 SEEPROM Test:...done (0 seconds)
  Executing Mod 1 1 GigE Port Test:....done (32 seconds)
  Executing Mod 1 1 PCIE Test:.................done (0 seconds)
  Mod 1 1 Post Completed Successfully
POST is completed
can't create lock file /var/lock/mtab~193: No such file or directory (use -n flag to override)
nohup: redirecting stderr to stdout
autoneg unmodified, ignoring
autoneg unmodified, ignoring
Checking all filesystems....r. done.
^]Loading system  <

I was interested to see what commands are available in this mode, there are few that I’ll use for the recovery (->):

switch(boot)# ?
Exec commands:
  clear     Reset functions
->config    Enter configuration mode
  copy      Copy from one file to another
  delete    Delete a file or directory
->dir       Directory listing for files
  erase     Erase Sam Configuration
  exit      Exit from the EXEC
  find      Find a file below the current directory
  format    Format disks
  init      Initialize internal disk
->load      Load system image
  mkdir     Create new directory
  move      Move files
  no        Disable debugging functions
  pwd       View current directory
  reload    Reboot this supervisor module
  rmdir     Remove existing directory
  show      Show running system information
  sleep     Sleep for the specified number of seconds
  ssh       SSH to another system
  tail      Display the last part of a file
  telnet    Telnet to another system
  terminal  Set terminal line parameters
  write     Write current configuration

In the configuration mode I’ll use the “admin-password” command to reset my password.

switch(boot)# conf t
switch(boot)(config)# admin-password MY-NEW-CHANGED-PASSWORD
switch(boot)(config)# exit

Next, I’ll have to lookup the system NX-OS image’s filename, which in my case is n5000-uk9.5.2.1.N1.1b.bin:

switch(boot)# dir
          0  Jan 01 2009 23:52:08  20090101_235208_poap_3569_init.log
     447719  Jan 07 2009 19:03:57  20090107_180315_poap_3484_init.log
       4096  Feb 06 2013 20:06:05  lost+found/
       2816  Feb 06 2013 20:41:04  mts.log
   31642624  Jan 11 2013 23:47:27  n5000-uk9-kickstart.5.2.1.N1.1b.bin
->173082673  Jan 11 2013 23:48:13  n5000-uk9.5.2.1.N1.1b.bin
        738  Jan 01 2009 23:58:14  span.log
       4096  Jan 01 2009 23:51:11  vdc_2/
       4096  Jan 01 2009 23:51:11  vdc_3/
       4096  Jan 01 2009 23:51:11  vdc_4/

Usage for bootflash: filesystem
  322887680 bytes used
 1328017408 bytes free
 1650905088 bytes total

Once the password is reset and I know the system boot image path, I can load it.

switch(boot)# load bootflash:n5000-uk9.5.2.1.N1.1b.bin
Uncompressing system image: bootflash:/n5000-uk9.5.2.1.N1.1b.bin Wed Feb 6 20:48:11 UTC 2013

Watch pretty text go by…

Load plugins that defined in image conf: /isan/plugin_img/img.conf
load_plugin: failed read swid map from "/mnt/pss/plugin_swid_map" with rc 0xffffffff. Plugin will be assigned new ID
Loading plugin 0: core_plugin...
load_plugin: Can't get exclude list from /isan/plugin/0/boot/etc/plugin_exclude.conf (rc 0x40ea0017)
Loading plugin 1: eth_plugin...
ethernet switching mode
INIT: Switching to runlevel: 3
INIT: Sending processes the TERM signal
INIT: (boot)#
touch: cannot touch `/var/lock/subsys/n
/isan/bin/muxif_config: fex vlan id: -f,4042
Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config
Added VLAN with VID == 4042 to IF -:muxif:-
2013 Feb  6 20:48:35 my_nexus_5548 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files begin  - clis
2013 Feb  6 20:48:38 my_nexus_5548 %$ VDC-1 %$ Feb  6 20:48:38 %KERN-0-SYSTEM_MSG: I2C - Mezz absent  - kernel
2013 Feb  6 20:48:44 my_nexus_5548 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files end  - clis
2013 Feb  6 20:48:44 my_nexus_5548 %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: init begin  - clis
2013 Feb  6 20:49:39 my_nexus_5548 %$ VDC-1 %$ %VDC_MGR-2-VDC_ONLINE: vdc 1 has come online

Nexus 5000 Switch
my_nexus_5548 login: admin
Password:
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2012, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php

Last step to set the admin password again in the running config and save it.

my_nexus_5548# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
my_nexus_5548(config)# username admin password 0 MY_NEW_CHANGED_PASSWORD
my_nexus_5548(config)#
my_nexus_5548# copy running startup
[########################################] 100%

5 thoughts on “Password Recovery – Nexus 5548

Comments are closed.