Sunday, March 26, 2017

Cisco MSE password recovery

If you are here because you've lost the root password and/or the GRUB password of your MSE (“Cisco 3355 Mobility Services Engine”), please refer to the following Cisco doc: Cisco 3355 Mobility Services Engine Getting Started Guide (Chapter 2 section 40 “Recovering a Lost Root Password”).

Basically, if you lost only the root password, you’re fine and can follow the instructions recommended by Cisco (described in section two of this article).
The root password is your “Admin” password for the operating system running on your MSE appliance.


As you will find out while trying to follow the steps of the Cisco documentation, you will need the “GRUB” password to access the options of the boot menu.
If you are not familiar with Linux: GRUB is the bootloader. It lets you define which OS you want to boot and how you want it to be booted. There is a lot to say about how it works, but I’ll keep to the point of what we are trying to accomplish. GRUB was set up on your MSE with password protection to prevent people from simply booting and choosing different options, including the one that allows changing the root password of your MSE.
If you want to recover your root password and you know your GRUB password, then go straight to section 2.


What usually happens… You’ve lost your MSE root password AND you don’t remember the GRUB password.
Cisco’s answer to this is straightforward: if you forget the GRUB password, you cannot log in and you will need to contact TAC to arrange for an RMA.


In my case I knew there was a way around it, but you have to be careful because modifying your bootloader with Linux can totally go wrong!
Please note that I DO NOT recommend this to anyone who has SmartNet or any type of contract that would guarantee support for their device, but if you’re out of contract with no more support and you’re one step away from sending this device for recycling, you might want to consider this trick as an option.
In my personal experience with Linux I was confident enough to proceed with this hack rather than fighting with the logistics of an RMA.


First, you’ll need to burn a live-DVD image of the following GNU/Linux flavour: KNOPPIX.

Let me apologize for the length of this article. Many of you will find it way too detailed, with “useless information”, but I think it’s important for people with less GNU/Linux skills to have a brief idea of what the Linux commands are doing to their system.

The tools you will need:
- Knoppix Live-DVD
- Keyboard
- Monitor with a VGA connector
- Power bar
- Laptop + power cord
- USB-Serial adapter DB-9
- Most common DB-9 console cable terminated with female connectors on both ends (not the Cisco blue cable)



You’ll need physical access to your MSE; bring your keyboard and a monitor to connect to the VGA port. Both the keyboard and VGA ports are at the back of the MSE appliance.

My laptop was on the console port of the MSE appliance. If you connect your laptop via serial only, you won’t get everything that goes through the external monitor/keyboard, and depending on the settings and boot stage you may only see and access the GRUB boot menu via your laptop and not the external keyboard/monitor.












Section 1 (Lost your GRUB password)

Insert your DVD in the MSE appliance and power-up/reboot the system.
Looking at the monitor display, wait for the Cisco splash page.





You will only have a few seconds to use the keyboard: hit <F12> “Select Boot Device”.
Choose CD/DVD and be patient as the system will proceed with your request.




Two minutes later you should see the boot menu of your KNOPPIX LIVE-DVD

Type failsafe linux single












You will only have a few seconds to type the text before it times out and proceeds with the default boot, which is certainly not what you want (if you miss the opportunity you will have to reboot the server using the power button on the front panel of your MSE appliance).

Once booted it should look like this and you are now in a GNU/Linux shell.








Mounting the partition:

You need to mount the partition of your MSE appliance hard drive on which the GRUB configuration file is stored. In our case the Linux GRUB configuration file is located on the boot partition: /boot/grub/grub.conf

If you need to find your partition name, use the fdisk -l command to list the partitions and their names:
# fdisk -l

Please double check the lines and make sure that you have a similar output:








You will have to mount your boot partition /dev/sda1 in order to work on it. Remember that your current system was loaded from the Live-DVD, so to access your server’s hard drive and its partitions you have to mount them:
# mount /dev/sda1 /mnt

Removing/Changing The Grub Password:

You need to modify the /boot/grub/menu.lst file. Because the boot partition is mounted on /mnt, the file is found under /mnt/grub:
# cd /mnt/grub

You will have to verify what’s in the folder by using this command:
# ls





You now have to generate a new GRUB MD5 password hash. It’s super easy, type:
# grub-md5-crypt







Choose your password and this will return the hashed version of it.
Write it down, as we will need it to edit the menu.lst file with vi.

BEFORE making any changes to the original menu.lst file, let’s make a backup of this file with the following command:
# cp menu.lst menu.lst.backup

Now we are safe to do the modifications using vi text editor. Type:
# vi menu.lst

PLEASE pay attention because vi isn’t easy to handle if it’s your first time.
Here is all you need to know.
If you messed up while editing the file, hit the following keys: “Esc” then “:” and type “q!”. This quits without saving.
“Esc” “:” “wq” will write the file and quit the text editor.
“Esc” “:” “q” will quit the text editor.

To insert or modify text, hit “Esc” then “i”; you will then be in “insert” mode, which allows you to type text and make changes. To exit insert mode, hit “Esc”.

I will type the entire sequence as we modify the grub file.


















Using the arrow keys of your keyboard, place the cursor on the line starting with “password --md5”, then hit the following keys: “Esc” “i”. Edit the line so that it reads:
password --md5 <replace this section with the previously generated md5 hash>

Place the cursor on the timeout line and change the value to 5 (this will give you 5 seconds to hit a key and reach the GRUB menu options when your machine is booting). Once the modification is done, hit “Esc” “:” “wq”.
There is obviously a way to script it all, but I don’t want to start explaining how to script this because if anything is different from your system compared to mine then you might end up in more trouble than just a lost password.
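
Before unmounting, it is worth confirming that the edit changed only the password and timeout lines, since a stray keystroke in vi is easy to miss. The following read-only check is an added example, not part of the original article; the function names, the constructed sample files and the assumption of a single global password line are all assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original article): read-only check of an edited
# GRUB legacy menu.lst against its backup. Assumes one global password line.

# check_menu_lst EDITED BACKUP: prints findings, returns 0 only if all pass.
check_menu_lst() {
    edited=$1; backup=$2; rc=0
    [ -f "$edited" ] && [ -f "$backup" ] || { echo "FAIL: missing file"; return 2; }

    # Exactly one password line, holding a well-formed MD5-crypt string:
    # $1$ + 1-8 salt chars + $ + 22 chars, all from [./0-9A-Za-z].
    n=$(grep -c '^password[[:space:]]' "$edited" || true)
    [ "$n" -eq 1 ] || { echo "FAIL: expected 1 password line, found $n"; rc=1; }
    grep -Eq '^password[[:space:]]+--md5[[:space:]]+\$1\$[./0-9A-Za-z]{1,8}\$[./0-9A-Za-z]{22}[[:space:]]*$' \
        "$edited" || { echo "FAIL: not 'password --md5 <MD5-crypt hash>'"; rc=1; }

    # timeout must be a plain number ("timeout 5" and "timeout=5" both accepted).
    grep -Eq '^timeout[[:space:]=]+[0-9]+[[:space:]]*$' "$edited" \
        || { echo "FAIL: timeout line missing or not numeric"; rc=1; }

    # Every line that differs from the backup must be a password or timeout line.
    stray=$(diff "$backup" "$edited" | grep '^[<>]' \
            | grep -Ev '^[<>] (password|timeout)[[:space:]=]' || true)
    [ -z "$stray" ] || { echo "FAIL: unexpected changes:"; echo "$stray"; rc=1; }

    [ "$rc" -ne 0 ] || echo "OK: only password/timeout changed, hash well-formed"
    return "$rc"
}

# make_sample DIR: writes a CONSTRUCTED backup and edited file (not real MSE data).
make_sample() {
    cat > "$1/menu.lst.backup" <<'EOF'
default=0
timeout=0
password --md5 $1$oldsalt$CONSTRUCTED.OLDH.00000
title Constructed entry
    root (hd0,0)
    kernel /vmlinuz-constructed ro root=LABEL=/ rhgb quiet
EOF
    sed -e 's/^timeout=.*/timeout=5/' \
        -e 's|^password .*|password --md5 $1$newsalt$CONSTRUCTED.HASH.00000|' \
        "$1/menu.lst.backup" > "$1/menu.lst"
}

# Demo on the constructed sample; on the appliance, run from /mnt/grub as:
#   check_menu_lst menu.lst menu.lst.backup
d=$(mktemp -d) && make_sample "$d" && check_menu_lst "$d/menu.lst" "$d/menu.lst.backup"
rm -rf "$d"
```

If the check reports a failure, restore menu.lst.backup over menu.lst and redo the edit before rebooting.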

Now it’s time to wrap up: flush the changes to the hard drive and “eject” (unmount) the hard drive from the Live-DVD environment.


# sync; sync
# cd /
# umount /mnt
# reboot





Section 2 (Change the system Root Password)

You will need to reset the root user password of your system before it is fully loaded and starts your MSE service. Following the Cisco documentation, if you can’t access the GRUB options via the physical keyboard during boot, go to your laptop and connect to the console just like you would for a Cisco switch/router, at 9600 baud.
When the appliance is booting/rebooting you will see the GRUB menu for a few seconds, so press “Esc” as soon as you see the following menu.




Then press “p” and you’ll be prompted for the GRUB password






Now you will select the line beginning with “kernel” and press “e”.


Then you will be typing the following (the trailing 1 makes the system boot into single-user mode):
rhgb quiet console=ttyS0,9600 1
Press “Enter”.

Now your GRUB menu will look like this, so it is time to hit “b”.









Your laptop screen should look like this:
Now go to the keyboard/monitor and wait for the boot sequence to be done:


You’ll have the opportunity to change the system root password using this command:
# passwd

Proceed with the password creation and you should obtain a success message at the end of the process.












At this point everything is done and you can simply reboot the machine with:
# reboot

VOILA !
