new to cisco, locked out of my own switch

So i just started with cisco trying to get my ccent then my ccna.

I was following cbt nuggets with setting a password and i managed to lock myself out. No idea how.

Here's what I typed:

MMLP2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
MMLP2(config)#line console 0
MMLP2(config-line)#password cisco
MMLP2(config-line)#password 7
% Incomplete command.


MMLP2(config-line)#password 7 cisco
Invalid encrypted password: cisco


MMLP2(config-line)#password cisco
MMLP2(config-line)#end
MMLP2#ex
00:47:43: %SYS-5-CONFIG_I: Configured from console by consoleit
MMLP2#conf tEnter configuration commands, one per line.  End with CNTL/Z.
MMLP2(config)#line console 0
MMLP2(config-line)#login
MMLP2(config-line)#login ?
  local  Local password checking
  <cr>


MMLP2(config-line)#login local
MMLP2(config-line)#exit
MMLP2(config)#exit
MMLP2#ex
00:49:03: %SYS-5-CONFIG_I: Configured from console by consoleit

Now i get this:

Press RETURN to get started.














User Access Verification


Username: login
Password:
% Login invalid


Username: local
Password:
% Login invalid

Now when i try to log back in i tried username login, local cant seem to figure out what i must have typed there or what setting I enabled to lock me out.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

AwesomeGarrett

Well did you ever configure a username?

Do you know how to do a password recovery on a switch?

When you use the login local command on the console, your telling the device to authenticate using the local database on the device. From the configuration presented, it does not look like you ever configured one. Or am I wrong?

theodoxa

"login local" tells it to use a local user account for authentication. You would normally use "username admin password cisco" to specify a user named admin with a password of "cisco". I don't know if it will work on a switch or not, but you might try just hitting enter when it asks for a username and then enter your password.

TechGuru80

theodoxa wrote: »

"login local" tells it to use a local user account for authentication. You would normally use "username admin password cisco" to specify a user named admin with a password of "cisco". I don't know if it will work on a switch or not, but you might try just hitting enter when it asks for a username and then enter your password.

Very unlikely just hitting enter would work as that would be a security issue.

The good thing is that you can hold the mode button for about 10 seconds and the switch will reset back to default. The bad...start again but you should practice basic configs every so often anyways.

brfitzp

Thanks guys, I ended up resetting the entire thing by resetting back to default with the mode button. I guess screwing up and trying to fix my screw ups is a good part of the learning process.

AwesomeGarrett

brfitzp wrote: »

I guess screwing up and trying to fix my screw ups is a good part of the learning process.

That's the idea. Keep at it, it will come with time.

theodoxa

TechGuru80 wrote: »

Very unlikely just hitting enter would work as that would be a security issue.

The good thing is that you can hold the mode button for about 10 seconds and the switch will reset back to default. The bad...start again but you should practice basic configs every so often anyways.

Normally, I would think that also. But, I recently acquired an ASA 5505 and it prompts for a username/password (ASDM) or password (Enable) in some cases even when there isn't one. You are expected to just hit enter. I looked at the config and it says:

enable password 8Ry2YjIyt7RRXU24 encrypted

8Ry2YjIyt7RRXU24 appears to be a Type 7 Password, which decrypts to a DOLLAR SIGN ($), which I suspect was used because of its regex (regular expression) meaning. If I get a chance sometime, I'll try "password $" on an IOS Router/Switch and see if it behaves like my ASA.