Reset login password in FIPS code.

Aruba Employee
Aruba Employee

Introduction : This article applies to All Aruba controllers running FIPS code.

 

Configuration Steps :

 

1. Enter the cpbootmode and change the default boot file:

Hit any key to stop autoboot:  0
cpboot>
cpboot> setenv cfgfile default1.cfg
cpboot> saveenv
cpboot> reset

2. This will cause the controller to present the initial config wizard on bootup. Configure the desire password:
 
Reading configuration from factory-default.cfg
..
..
Enter System name [Aruba650]: Testcontroller
..
..
Enter Password for admin login (up to 32 chars): *********
Re-type Password for admin login: *********
Enter Password for enable mode (up to 15 chars): ******
Re-type Password for enable mode: ******
Do you wish to shutdown all the ports (yes|no)? [no]:

3.  Save the config and restart the controller:
                   
System name: Testcontroller
..
..
If you accept the changes the switch will restart!
Type <ctrl-P> to go back and change answer for any question
Do you wish to accept the changes (yes|no)yes
Creating configuration... Done.
 
System will now restart!
 
4. Enter the CP boot mode again and reset the config file:

Hit any key to stop autoboot:  0
cpboot>
cpboot> setenv cfgfile
cpboot> saveenv
Saving Environment to Flash...
Erasing #
Erased 1 sectors
Writing ########
cpboot> boot
 
5. Boot into the controller with new password. Make sure we save the config for new password to be saved:
 
<<<<<    Welcome to Aruba Networks - Aruba A650-US    >>>>>
 
Starting watchdog processes
..
..
 
Completed FIPS OpenSSL KAT test successfully.
 
(Testcontroller)
User: admin
Password: *********
(Testcontroller) >en
Password:******
Password:******
(Testcontroller) #
(Testcontroller) #write memory
Saving Configuration...
                
Configuration Saved.
 
(Testcontroller) #
 

Answer : Sometimes, we cannot reset the password in FIPS code through the console using default method. In that case, we must use alternative method:

1. Get into cpboot mode. Change config file so controller boots in config wizard. Configure the new password.
2. Reboot, enter cpboot mode, reset the config file again.
3. Login to the controller using new configured password.
4. Save the config.

 

Related Links : https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-4

Version history
Revision #:
1 of 1
Last update:
‎07-04-2014 02:58 AM
Updated by:
 
Contributors
Comments

I modifiede the procedure so it was tailored more to a 7205 with the 8.2.2.1 OS, all credit still goes to  for creating the original.

 

Reset login password in FIPS code.

AnandKumar Sukumar

Aruba Employee

‎07-04-2014 02:58 AM

Updated by John Sullivan 02-15-2019 (not Aruba employee)

Introduction : This article applies to the 7205 Aruba controllers running FIPS code.

 Configuration Steps:

  1. Enter the cpboot mode and change the default boot file:

    Hit Ctrl-x to stop autoboot:
    cpboot>
    cpboot> setenv cfgfile default1.cfg
    cpboot> saveenv
    cpboot> reset

    2. This will cause the controller to present the initial config wizard on bootup (factory-default). Configure the desire password:

    Reading configuration from factory-default.cfg
    ..
    ..

(Select full-setup if necessary)
Enter System name [Aruba7205]: Testcontroller
..
..
Enter Password for admin login (up to 32 chars): *********
Re-type Password for admin login: *********
(OS version 8.2.2.1 does not ask for the Enable password, change it once you are logged in at the prompt)

Enter Password for enable mode (up to 15 chars): ******
Re-type Password for enable mode: ******
Do you wish to shutdown all the ports (yes|no)? [no]:
..
(Type <ctrl-P> to go back and change answer for any question)
Do you wish to accept the changes (yes|no)yes
Creating configuration... Done.
 
System will now restart!

 

  1. Enter the cpboot mode again then set and save the environment in the config file:

    Hit Ctrl-x to stop autoboot:
    cpboot>
    cpboot> setenv cfgfile
    cpboot> saveenv
    Saving Environment to Flash...
    Erasing #
    Erased 1 sectors
    Writing ########
    cpboot> reset (bootf will take it back to the factory-default)

    5. Boot into the controller with the new password. Make sure to save the config for the new password:

    <<<<<    Welcome to Aruba Networks - Aruba A7205-US    >>>>>
     
    Starting watchdog processes
    ..
    ..
     
    Completed FIPS OpenSSL KAT test successfully.
     
    (Testcontroller)
    User: admin
    Password: *********
    (OS version will not ask for enable login initially, change it

(Testcontroller) >en
Password:******
Password:******
(Testcontroller) #
(Testcontroller) #write memory
Saving Configuration...
                
Configuration Saved.
 
(Testcontroller) #
 

Answer : Sometimes, we cannot reset the password in FIPS code through the console using default method. In that case, we must use alternative method:

1. Get into cpboot mode. Change config file so controller boots in config wizard. Configure the new password.
2. Reboot, enter cpboot mode, reset the config file again.
3. Login to the controller using new configured password.
4. Save the config.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: