Fibre Channel (SAN)

Reply
Contributor
Posts: 22
Registered: ‎06-12-2015

Downgrade issues due to hash, and disabled rootaccount

[ Edited ]

Need to downgrade a switch from FOSv8.0.2c to 7.x
Error: 

 Downgrade is not allowed because System hash type is not set to MD5

Root account is als disabled

 

Managed to change hash to md5 for admin account

When trying to do this fror default user account we gert an error 

swd77:user>  passwdcfg --hash md5

RBAC permission denied.

 

Also when trying to enable the root account i see an error

1-  change root -e yes  (sucessfully)
2-  rootaccess --set required-mode consoleonly i see the error below

 

rbash: rootaccess: restricted: cannot redirect output

 

Any good tips ?

 

swd77:admin> passwdcfg --showhash -all

 

Account name: root

Password Hash Algorithm: SHA512

 

Account name: admin

Password Hash Algorithm: MD5

 

Account name: user

Password Hash Algorithm: SHA512

 

 



External Moderator
Posts: 5,040
Registered: ‎02-23-2004

Re: Downgrade issues due to hash, and disabled rootaccount

@Thomas Karlend

 

--->>>Need to downgrade a switch from FOSv8.0.2c to 7.x

 

Switch Type / Model ?

 

what version of FOS 7.x you try to Downgrade ?

 

what is the reason for Downgrade ?

TechHelp24
Brocade Moderator
Posts: 445
Registered: ‎03-29-2011

Re: Downgrade issues due to hash, and disabled rootaccount

Hi Thomas,

 

you need to run as admin to enable root / change password type:

 

swd77:admin>  userconfig --change root -e yes

swd77:admin>  rootaccess --set all

swd77:admin>  passwdcfg --hash md5

 

Notice that when you downgrade the switch from Fabric OS 8.0.1 or later, the downgrade is blocked unless the following two conditions
are met:


– The password hash type for all the users is changed to MD5.
– The switch hash type is changed to MD5.




If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution".


Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook