This document describes the procedure for recovering the password of
the root user in a Cisco Guard or a Cisco Traffic Anomaly
Detector Distributed Denial of Service (DDoS) mitigation appliance. This
password is used to control root access to a Cisco Guard or
Cisco Traffic Anomaly Detector system. The root password is
encrypted and can only be replaced by a new password using the procedure below.
There are no specific requirements for this document.
For more information on document conventions, refer to
Technical Tips Conventions.
Complete these steps.
Attach a keyboard and a monitor to the Cisco Guard or Cisco Traffic
Anomaly Detector (this procedure cannot be performed through a serial or a
Login and type reboot.
While the box is powering up, keep the shift key pressed. This will
get you a "Lilo boot:" prompt.
Press TAB to see available images.
Note: 3.0.8 has a 'Cisco' image, while older images
Type Cisco 1 to get a single user image loaded (or
Riverhead 1 in older systems). This will boot the system in
single user mode.
During the boot process you will be asked for a password. Enter the
fixed password dud&ndud. This will give you a
Now you can run the passwd command to
change root's password. You will be asked to confirm the
password you have chosen, for example:
[root@DETECTOR root]# passwd
Changing password for user root.
New password: <new password typed in here>
Retype new password: <new password typed in here>
passwd: all authentication tokens updated successfully.
After you have changed the password, execute the
reboot command to restart the system. Do not
interrupt the boot process so that the system enters its normal operation mode.