Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Password recovery, Command authorization failed.

Posted on 2004-08-19
Medium Priority
Last Modified: 2008-01-09
I got a 2610 router and trying to do a password recovery.  I recycle the router and do a CTRL-Break on it, then I do a confreg 0x2142
Next, I do ENABLE
Then, I do copy star run
From there, I'm at the Privleged Mode and should be able to do configure terminal, so I can clear out the enable password.  This is what happens.

CATHKMR01R1#conf t
Command authorization failed.


Why is this?  Is there anyway besides clearing out the startup config to recovery the password?  I don't want to clear out my current config that's in there now.
Question by:Pentrix2
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 50

Accepted Solution

Don Johnston earned 2000 total points
ID: 11840061
Looks like the startup config that you're copying to running config contains Tacacs configuration commands. Without the username/password setup on the Tacacs server, you won't be able to do much.

Either get a username/password, or don't load the startup-config.


Author Comment

ID: 11840086
You're absolutely correct, it does have a TACACS server on it.  I'll just have to clear out the startup config then.  Thanks donjohnston!!
LVL 50

Expert Comment

by:Don Johnston
ID: 11846672
It just occured to me that there is a way to recover the configuration...

Once you've used the password recovery process to get into priviliged mode, get an ethernet interface configured. Setup a TFTP server off the ethernet interface and issue a "copy startup tftp". Once the file is on the TFTP server, open it and remove the TACACS commands, save it and then copy it back to NVRAM (copy tftp start).


Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question