For more details, please see ourCookie Policy.


Fibre Channel (SAN)

Reply
Occasional Contributor
Posts: 10
Registered: ‎07-11-2018

Recovering root Passwords is so much easier than I thought

I used to think recovering root passwords was a difficult process that required getting a serial console connection and a switch reboot. Apparently, I was wrong, and I sure wish someone had told me about this earlier.

 

All you have to do is build a fabric with a switch with known passwords, then from that switch do

 

distribute -p PWD -d $target_domain

 

Doesn't work if there is more than one logical switch on the target chassis, but that is rare and can potentially be worked around.

 

I am trying as hard as possible not to think about the security implications of this discovery.

Contributor
Posts: 63
Registered: ‎01-19-2018

Re: Recovering root Passwords is so much easier than I thought

Like with serial cable, you'd need to have physical access to the switch in question. That is already secure enough to me.

Another thing, IF you have fabric security policy on the switch in question AND you don't have admin password as well, you'd be limited to the Brocade proprietary recovery procedures.
Contributor
Posts: 56
Registered: ‎05-12-2013

Re: Recovering root Passwords is so much easier than I thought

You could also just login as admin and change the root account password. If needed change the password policy configuration to not require the previous password.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.