System Setup and Software Installation Guide for Cisco NCS 1010, IOS XR Releases

PDF

Recover password

Updated: June 17, 2026

Want to summarize with AI?

Log in

Use this procedure to recover the password on Cisco NCS 1010. It helps restore access when incorrect or lost login credentials prevent device access.

Use this task to recover password.

Problem:

Unable to access the NCS 1010 due to incorrect login credentials.

Cause:

A root password is used to login to the NCS 1010. If you forget this root password, you cannot access the NCS 1010.

Solution:

If you lose your admin and root user credentials, the NCS 1010 becomes inaccessible. The system can be recovered using a NCS 1010 reimage using iPXE or USB boot. However, this approach is not scalable.

You can use the system recovery feature to recover the lost password.

With this feature, the system is recovered without the need to reimage the NCS 1010. The system is recovered to its initial state with the current running software. The installed software and SMUs are retained after the system is recovered. The process complies with the Cisco Product Security Baseline (PSB) where user data is securely erased before recovering the NCS 1010. The following data that are generated at run-time are erased:

  • XR and admin configuration including the password data

  • Cryptographic keys on the disk

  • Data on encrypted partition

  • Generated core files

  • SNMP interface index files

  • Third-party application (TPA) software and data

  • Files created by the user

Use the following procedure to recover the password on NCS 1010.

Note

This procedure is applicable only when you have already enabled the password recovery feature on your NCS 1010.

RP/0/RP0/CPU0:ios(config)#system recovery

Before you begin

Follow these steps to recover password.

Procedure

1.

Power ON the NCS 1010, and press the ESC on the RP console to enter the BIOS GRUB menu.

This procedure must be executed on each RP individually on a modular system.
2.

Boot on the standby RP. Press ESC key to enter the GRUB (bootstrap program) menu.
3.

On the RP0 card console select the IOS-XR-recovery option from the GRUB menu and press Enter.
4.

Select the IOS-XR-recovery option from the GRUB menu and press Enter on the card console when the Initiating IOS-XR System Recovery... message is displayed on the card console.

Note

Do not wait until the card reaches the

Enter root-system username:

prompt. If you reach this prompt, the card will reload automatically and exit the BIOS GRUB menu. The card will boot up as active post the recovery process.
5.

On the RP card, create a new root user and password. Log in to the NCS 1010 using the new root username and password.

Example:

RP/0/RP1/CPU0:June 10 06:13:24.551 CEST: sys_rec[1188]: %SECURITY-SYSTEM_RECOVERY-1-REPORT : 
System Recovery at 06:10:19 CEST Fri June 10 2022 was successful

RP/0/RP1/CPU0:June 10 06:15:13.967 CEST: sys_rec[1188]: %SECURITY-SYSTEM_RECOVERY-1-REPORT : 
System Recovery

The NCS 1010 boots with the default configuration. Proceed with configuring the NCS 1010 or load a configuration from a backup file if you had already taken a backup. It is recommended to backup data and save the configuration on an external server.

Ensure that you see this message in the RP console. If this message is not displayed, then repeat the process from step 1 to step 5 until you see the message:

The password recovery procedure is complete.

The option to recover the system using console port is disabled on bootup because all the previous configurations are erased. With this configuration disabled, if you select IOS-XR-recovery option from GRUB menu to recover the system, the recovery is skipped. Enable the password recovery feature again using the system recovery command.