This document describes the procedure for recovering the password of the root user in a Cisco Guard or a Cisco Traffic Anomaly Detector Distributed Denial of Service (DDoS) mitigation appliance. This password is used to control root access to a Cisco Guard or Cisco Traffic Anomaly Detector system. The root password is encrypted and can only be replaced by a new password using the procedure below.
There are no specific requirements for this document.
For more information on document conventions, refer to Cisco Technical Tips Conventions.
Complete these steps.
Attach a keyboard and a monitor to the Cisco Guard or Cisco Traffic Anomaly Detector (this procedure cannot be performed through a serial or a network connection.)
Login and type reboot.
While the box is powering up, keep the shift key pressed. This will get you a "Lilo boot:" prompt.
Press TAB to see available images.
Note: 3.0.8 has a 'Cisco' image, while older images have 'Riverhead'.
Type Cisco 1 to get a single user image loaded (or Riverhead 1 in older systems). This will boot the system in single user mode.
During the boot process you will be asked for a password. Enter the fixed password dud&ndud. This will give you a root shell.
Now you can run the passwd command to change root's password. You will be asked to confirm the password you have chosen, for example:
[root@DETECTOR root]# passwd
Changing password for user root.
New password: <new password typed in here>
Retype new password: <new password typed in here>
passwd: all authentication tokens updated successfully.
After you have changed the password, execute the reboot command to restart the system. Do not interrupt the boot process so that the system enters its normal operation mode.