Solved

cisco how to disable password recovery?

Posted on 2004-08-17
10
916 Views
Last Modified: 2008-03-03
I have the following router
IOS (tm) C831 Software (C831-K9O3Y6-M), Version 12.3(2)XC, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
How do I disable password-recovery service?

I tried
#no service password-recovery
                                               ^
% Invalid input detected at '^' marker.

but it doesnt work. Any help would be appreciated.

Tom
0
Comment
Question by:T0masz
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 36

Expert Comment

by:grblades
ID: 11825379
Hi T0masz,
Do you mean as in the password recovery procedure?

To disable it don't have a cable plugged into the console port and have the router located in a secure location so normal users can't gain physical access to it.
0
 

Author Comment

by:T0masz
ID: 11825453
Well nobody has access to it but still, I want to enable this feature and for some reason I cant, is it just not there in the  831s ios?

Tom
0
 

Author Comment

by:T0masz
ID: 11825486
ah and yes I ment the password recovery procedure.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 36

Expert Comment

by:grblades
ID: 11825511
It is not an IOS feature. It is a feature of the boot ROM that starts the IOS operating system and is the equivilent of the BIOS in a normal conputer.
It is always enabled and cannot be disabled.
0
 

Author Comment

by:T0masz
ID: 11825715
Yes it can, I have it disabled on all my routers 2500/3600.... just not the 831 I guess this one doesnt have this feature... can anyone confirm this? Any other way of locking it to prevent console access? I have people comming to do maintenance and etc and they have access to the rack... I have to have it disabled.

Tom
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 11825972
No service password recovery is only available on

*Cisco 2691, 3631, 3725, and 3745 Routers—no minimum ROMMON or Cisco IOS® software requirements
*Cisco 3600 Series Routers—Minimum ROMMON version 11.1(17)AA (orderable as BOOT-3600=) Minimum Cisco IOS Software Release 11.2(12)P or 11.3(3)T
*Cisco 2600 Series Routers—all ROMMON and Cisco IOS software versions
*Cisco 1700 Series Routers—requires minimum ROMMON 12.1(5r)T1. This is not orderable as a spare, so you cannot upgrade an existing 1720 or 1750. All 1710 and 1751 routers should have this ROMMON.

Looks like it's not available on 800 series.

-Don
0
 

Author Comment

by:T0masz
ID: 11826323
I was afraid of that.... but oh well... Ill superglue the console port hehe ;>

Thanks.
Tom
0
 

Expert Comment

by:parshal
ID: 11846467
You can give it an absurd console password or set the timeout value to something like 1 second.  This will effectively disable the port until the maintenance people leave.
0
 

Author Comment

by:T0masz
ID: 11846675
well if you boot it up to password recovery you can change that.... PS how do i set the timeout only for the console?

Tom
0
 

Expert Comment

by:parshal
ID: 11848153
True, someone could do a password recovery.  I would set an absurdly long password on the console port and change the timeout.  

To set the timeout:

line con 0
 exec-timeout 0 1

I've never set it to one second before but I've accidentally set it to 20 seconds instead of 20 minutes so I know it will take a very short time.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question