Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides https://forum.ivorde.com/
How to recover a branch SRX root password \w protected console (insecure) https://forum.ivorde.com/how-to-recover-a-branch-srx-root-password-w-protected-console-insecure-t19754.html
Author: mandrei99 [ Tue Jan 27, 2015 6:37 pm ]
Post subject: How to recover a branch SRX root password \w protected console (insecure)
Some SRX firewalls need to be deployed in insecure environments, which forces administrators to protect the console from being accessed by non-root users. This complicates things when the root password is lost and there is no way to log in to the box to overwrite it.

Trying to recover a lost root password on an SRX when the console is protected against non-root access (press space at the second prompt, “Hit [Enter] to boot immediately, or space bar for command prompt.”):

Code:

    Checking datalines... OK
    Checking address lines... OK
    Checking 512K memory for U-Boot... OK.
    Running U-Boot CRC Test... OK.
    Flash: 4 MB
    USB: scanning bus for devices... 3 USB Device(s) found
    scanning bus for storage devices... 1 Storage Device(s) found
    Clearing DRAM....... done
    BIST check passed.
    Boot Media: nand-flash usb
    Net: pic init done (err = 0)octeth0
    POST Passed
    Press SPACE to abort autoboot in 1 seconds
    …
    Loading /boot/defaults/loader.conf
    /kernel data=0xb03b68+0x1344a8 syms=[0x4+0x8a940+0x4+0xc8eb0]
    Hit [Enter] to boot immediately, or space bar for command prompt.
    Booting [/kernel] in 1 second...
    loader> boot -s
    Kernel entry at 0x801000e0 ...
    init regular console
    Primary ICache: Sets 64 Size 128 Asso 4
    Primary DCache: Sets 1 Size 128 Asso 64
    …
    clean, 74552 free (32 frags, 9315 blocks, 0.0% fragmentation)
    System watchdog timer disabled
    Enter root password, or ^D to go multi-user
    Password:

At this point, either the root password is remembered, or the device can boot in multi-user (normal) mode and continue its operations once the configuration is loaded.

How to recover the Juniper SRX root password when the console is protected:

The procedure requires a bootable USB stick containing a Junos snapshot (created on a different device).

Creating an SRX bootable USB with a snapshot:

Code:

    > request system snapshot media usb partition

Juniper uses U-Boot as its boot loader, so U-Boot needs to be configured to boot from USB. To change the U-Boot boot settings, press SPACE at the first prompt:

Code:

    Clearing DRAM....... done
    BIST check passed.
    Boot Media: nand-flash usb
    Net: pic init done (err = 0)octeth0
    POST Passed
    Press SPACE to abort autoboot in 1 seconds
    =>
    => setenv boot.devlist usb
    => saveenv
    Saving Environment to Flash...
    Un-Protected 1 sectors
    Erasing Flash... . done
    Erased 1 sectors
    Writing to Flash... writing to flash... done
    Protected 1 sectors
    => reset

At this point, the firewall will reboot and automatically boot from the USB stick containing the bootable snapshot. Once it has booted up, the flash partition can be mounted and the root password can be changed. Afterwards, revert the boot sequence so that the device boots from flash again.
All times are UTC - 5 hours [ DST ]