Interview: Kevin Wallace CCIEx2 #7945 (Routing/Switching and Voice) & CCSI (Instructor) #20061
Need for Speed – The Data Tsunami & Advancements in Networking. From FastEthernet 100Mbps to Wireless 17.6Tbps!
Secure CallManager Express Communications - Encrypted VoIP Sessions with SRTP and TLS
Cisco & CompTIA Certification Offer - Save 60% on Certification Video Training For CCNA Security, CCNP Voice, CompTIA Network+ and Security+
Cisco Catalyst 4500 Series Zero-Downtime IOS Upgrade Process for Supervisor Engine 7-E, 7L-E, 6L-E and V-10GE Redundant Configurations
Cisco 4507R+E Layer 3 Installation: Redundant WS-X45-SUP7L-E Supervisor Engines & WS-X4648-RJ45V+E Line Cards
Major Changes & Updates to the Cisco CCNA Exam
Interview: Vivek Tiwari CCIEx2 #18616 (CCIE Routing and Switching and Service Provider)
Comparing Cisco VPN Technologies – Policy Based vs Route Based VPNs
Unified Communications Components - Understanding Your True Unified Communications Needs
Cisco Press Discounts - Valentine's Day Special - Save 40%!!
Discover Features & Capabilities - Cisco Catalyst 3850 With Integrated Wireless LAN Controller (WLC)
Cisco VPN Client & Windows 8 (32bit & 64bit) - Reason 442: Failed To Enable Virtual Adaptor - How To Fix It
How to Restrict Cisco IOS Router VPN Client to Layer-4 (TCP, UDP) Services - Applying IP, TCP & UDP Access Lists
Configuring SPAN On Cisco Catalyst Switches - Monitor & Capture Network Traffic/Packets

Firewall.cx Newsletter

Receive Free notification on new articles!
***************

Firewall.cx Forums

Community Forums

Facebook Fans

Show your support for Firewall.cx!

Social Media Channels

Facebook-icon LinkedIn-icon Twitter-icon  rssfeed-icon
advert-banner-routing
advert-banner-voice

System Login



Login With Facebook

More Articles

Who's Online

We have 126 guests online

Statistics

Members : 5859
Content : 790
Web Links : 12
Content View Hits : 102216833

Top Website Visitors

37.5%United States United States
16.8%India India
7.4%United Kingdom United Kingdom
5.7%Australia Australia
4.3%Canada Canada
3.4%Germany Germany

Today: 163
Yesterday: 8602
This Week: 32754
Last Week: 46096
This Month: 110163
Last Month: 240364
Total: 3370887

Gold Cisco Lab Partners

logo-gfi



logo-datavision

Best Rated Content

Disabling Cisco Router Password Recovery Service Print Email
Written by Administrator   
Friday, 19 August 2011 23:57
AddThis Social Bookmark Button

Most Cisco engineers are aware of the classic Password-Recovery service Cisco equipment have. If the device's credentials are lost, then performing the Password-Recovery procedure will effectively provide full access to the device's configuration.

By disabling the Password-Recovery service you prevent anyone with physical access to the device (e.g console port) from performing the Password-Recovery process and obtaining access to its configuration.

Disabling the Password-Recovery service requires extreme attention because should you loose your password, there is no turning back. It is highly advisable to always keep a backup of your configurations in a secure area - just in case.

You will also notice that the 'no service password-encryption' command will not show up when hitting '?' (for help) as this command is undocumented in the IOS help.

Following are the steps to disable the Password-Recovery service and the message confirmation shown when the device boots up after the Password-Recovery service is disabled:

R1(config)# no service password-recovery

WARNING:
Executing this command will disable password recovery mechanism.Do not execute this command without another plan forpassword recovery.
Are you sure you want to continue? [yes/no]: yes

R1(config)# exit
R1# reload
Proceed with reload? [confirm]

After the reload command is confirmed, the router will proceed with the reload process, which is basically a reboot. As the reload process is performed, the router will verify with a message that the password recovery functionality is disabled:

System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2009 by Cisco Systems, Inc.
c2811 processor with 240640 Kbytes of main memory

Main memory is configured to 64 bit mode with parity disabled

Readonly ROMMON initialized

PASSWORD RECOVERY FUNCTIONALITY IS DISABLED

Article Summary

This article explains the password-recovery service and how to disable it on a Cisco device.

If you have found the article useful, we would really appreciate you sharing it with others by using the provided services on the top left corner of this article. Sharing our articles takes only a minute of your time and helps Firewall.cx reach more people through such services.

Related Articles
Last Updated on Saturday, 20 August 2011 00:14
 
Subscribe To Receive Free Article Updates!

SIMILAR TOPICS THAT MIGHT INTEREST