Blog Post

Have you forgotten the network administrator password for the Cisco Nexus switch? If so, this tutorial can show you other ways to get it back. But before you begin the password recovery procedure, you should be informed of the following:

What to Do If a Device Has Two Supervisor Modules

 If a device has two supervisor modules, the recovery of the password must be done on the supervisor module which will remain operational when the recovery is complete.

To prevent the other supervisor module from activating, Either you need to remove the other supervisor module from the chassis or you need to convert the other supervisor module’s terminal prompt to loader> or switch (boot)#.

On Nexus switches, there are two ways to recover the admin password.

From the Command Line Interface (CLI) using a network administrator user name

By restarting the device

How to Use CLI to Recover the Admin Password on Nexus Switches

Step-1

Check if the username has network-admin privileges

switch# show user-account

User: admin

This user account has no expiry date

 roles:network-admin

User: ABC

This user account has no expiry date

roles:network-admin Network-Operator

Step-2

Create a new network admin password if a username has administrator rights.

switch# configure terminal

switch(config)# Username Admin Password < Abc@123!>

switch(config)# exit

switch#

Step-3

Save the changes.

switch# Copy Running-Config Startup-Config

How to Power Cycle a Nexus Switch to Recover the Admin Password

If the approach mentioned above does not work to recover the password, you must power cycle the device using the method described below. Keep in mind that the password recovery process will halt all device activity and prevent connections for two to three minutes.

You must be aware that you cannot retrieve the network admin password for a Nexus switch using a Telnet or Secure Shell (SSH) session before attempting any other techniques. Access to the local console connection is a need. Additionally, for NX-OS-equipped equipment like Cisco Nexus 7000 series switches, you cannot restore the password using the CMP administration interface.

When you reset your password, just the local user database—not the remote AAA servers—is updated. Only if local authentication is enabled will the new password function. It won’t function with remote authentication. Local authentication is set for console-only logins during password recovery so that only the admin user may log in with the new password.

Step-1

Open a terminal window on the switch’s console, then restart the switch. The console’s settings are as follows:

speed – 9600 Baud

Databits – 8 Bits per Byte

Stop bits – 1 Bit

Parity – none

Step-2

When you see that the system image is loading, keep pressing Ctrl-] to enter the switch(boot)# prompt mode. Press Ctrl-B (Ctrl+Shift+B) in place of Ctrl-] if you’re using Nexus Switches from older generations, such as the Nexus 5000 Series switches, which are enabled with Cisco NX-OS 4.0(0)N1(2a).

Then press Ctrl-]

Switch (boot)#

Step-3

Use the following commands to update the network admin password right away:

switch(boot)# configure terminal

switch(boot-config)# admin-password < Abc@123!>

switch(boot-config)# exit

switch(boot)#

Step-4

Display the boot flash: to locate the Cisco NX-OS software image file among the contents.

switch(boot)# dir bootflash:

Step-5

the Cisco NX-OS software image should be loaded. The name nx-os.bin has been used in this instance to denote the system image file:

switch(boot) # load bootflash:nx-os.bin

Step-6

Use the new network Admin password to log into the device right away.

Switch login: admin

Password <Abc@123!>

Step-7

If the following lines are present, local authentication is active and will be used for local console logins rather than remote console logins. To guarantee that the new password will function for subsequent logins, it is advisable not to alter the setting that is now in use. After resetting, you can enable remote authentication and keep track of the administrator password set on the AAA servers.

switch# show running-config aaa

step-8

switch# configure terminal

switch(config)# username admin password <Abc@123!>

switch(config)# exit

switch#

step-9

You can now put the previously removed supervisor module back into the chassis, if necessary.

Step-10

If necessary, start the standby supervisor module with the Cisco NX-OS kickstart image, for instance with the filename nx-os kickstart.bin.

loader# boot bootflash:nx-os_kickstart.bin

step-11

Currently, if necessary, put the Cisco NX-OS software onto the standby supervisor module. It has been assumed that nx-os.bin is the name of the system image file in this case:

switch(boot)# load bootflash:nx-os.bin

Step-12

In the last step, save the configuration by running the following command.

switch# copy running-config startup-config

We hope that the instructions provided by Cisco will enable you to regain access to your Nexus switch password. if you want to learn more about going to cisco.com

In addition to managed IT services, cybersecurity, and cloud services, Zindagi Technologies is an IT consulting firm with experts who have decades of experience in planning, developing, and installing data centers.

We are only a phone call away if you want to keep your network secure and operating efficiently. Please contact us via phone at +91-9773973971 or by email.

Author
Anuj Kumar
Associate Consultant