星期日, 9月 10, 2006

Cisco rommon mode password recovery

CISCO路由器配置手冊
參考:
1、Cisco路由器口令恢復
當Cisco路由器的口令被錯誤修改或忘記時,可以按如下步驟進行操作:
1. 開機時按使進入ROM監控狀態
2. 按o 命令讀取配置寄存器的原始值
> o 一般值為0x2102
3. 作如下設置,使忽略NVRAM引導
>o/r0x**4* Cisco2500系列命令
rommon 1 >confreg 0x**4* Cisco2600、1600系列命令
一般正常值為0x2102
4. 重新啟動路由器
>I
rommon 2 >reset
5. 在「Setup」模式,對所有問題回答No
6. 進入特權模式
Router>enable
7. 下載NVRAM
Router>configure memory
8. 恢復原始配置寄存器值並啟動所有埠
「hostname」#configure terminal
「hostname」(config)#config-register 0x「value」
「hostname」(config)#interface xx
「hostname」(config)#no shutdown
9. 查詢並記錄丟失的口令
「hostname」#show configuration (show startup-config)
10. 修改口令
「hostname」#configure terminal
「hostname」(config)line console 0
「hostname」(config-line)#login
「hostname」(config-line)#password xxxxxxxxx
「hostname」(config-line)#
「hostname」(config-line)#write memory(copy running-config startup-config)


您要用終端機才會方便

我是以2611來做的,不過1600也適用。
以下是我的做法,您可以參考一下,有實做成功喔!
一:先準備一條使用RJ45接頭的連接線,連接Router的Console Port。
二:終端機使用以下設定(不要用Win NT,建議用Win9x)
9600 baud rate
No parity
8 data bits
1 stop bit
No flow control
三:將Router開機,
System Bootstrap, Version 11.3(19)AA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
Copyright (c) 1998 by cisco Systems, Inc.
C2600 processor with 32768 Kbytes of main memory
Main memory is configured to 32 bit mode with parity enabled
看到出現此訊息後,趕緊按下Ctrl+Break送出 Break,就會進到ROMMON Mode。
四:在rommon>下輸入confreg
rommon 1 > confreg
回答下列問題
Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: image specified by the boot system commands
or default to: cisco2-C2600

do you wish to change the configuration? y/n [n]: y-------回答Y
enable "diagnostic mode"? y/n [n]:
enable "use net in IP bcast address"? y/n [n]:
disable "load rom after netboot fails"? y/n [n]:
enable "use all zero broadcast"? y/n [n]:
enable "break/abort has effect"? y/n [n]:
enable "ignore system config info"? y/n [n]: y-------回答Y
change console baud rate? y/n [n]:
change the boot characteristics? y/n [n]: y-------回答Y
enter to boot:
0 = ROM Monitor
1 = the boot helper image
2-15 = boot system
[2]: 2-----要選2

五:rommon 2 > reset 重新啟動 Router
六:
--- System Configuration Dialog --- Router 會自動進入 Setup 選單

Would you like to enter the initial configuration dialog? [yes/no]:
按 Ctrl-C 中斷 Setup
七:Router 會進入一般模式
Router>enable 進入 Priviledged mode (不需輸入任何密碼)
Router#show startup-config 顯示 NVRAM 裡面的 Startup-Config
(顯示結果省略)
八:將 Startup-Config 載入 DRAM
Router#configure memory
九: 2611#configure terminal----輸入此命令進入設定模式
十:將 enable 的密碼改為 2611
2611(config)#enable secret 2611
十一:將 Running-Config 寫回 NVRAM
2611#copy running-config startup-config
十二:
2611#show version
Cisco Internetwork Operating System Software
(中間結果省略)
Configuration register is 0x2142 目前的 Configuration Register 為 0x2142
十三:
2611#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
2611(config)#config-reg 0x2102 將 Configuration Register 改回來
2611(config)#^Z -----Ctrl+Z
2611#
00:01:54: %SYS-5-CONFIG_I: Configured from console by console
2611# reload 重新開機
全部大功告成。過程雖然有點囉唆,不過卻是一定要做的。
希望上述做法對需要的人有幫助。



2500 Password Recovery

Step 1 : Power on router (Press [Ctrl] + [Break] within 30 sec)
Step 2 : o/r 0x2142 [Enter]
Step 3 : i [Enter]
Then it will show as follow
Step 4 : Would you like to enter initial configuration dialog? [Yes] : No [Enter]
Step 5 : Router> enable [Enter]
Step 6 : router# copy start run [Enter]
Step 7 : router# conf t [Enter]
Step 8 : router(config)# config-register 0x2102 [Enter]
Step 9 : router(config)# enable secret Newpassword [Enter]
Step 10 : router(config)# exit [Enter]
Step 11 : router# copy run start [Enter]
Step 12 : router# reload [Enter]

1600 (2600;3600)Password Recovery

Step 1 : Power on router (Press [Ctrl] + [Break] within 30 sec)
Then it will show as follow
Step 2 : rommon> confreg [Enter]
Step 3 : “Do you wish to change configuration[y/n]?” Type y
Step 4 : Type n to all of the question that appear until you reach the
“ignore system config info[y/n]” , type y
Step 5 : Type n to all of the question that appear until you reach the
“change boot characteristics[y/n]” , type y
Step 6 : “enter to boot “ type 2[Enter]
Step 7 : “Do you wish to chane configuration [y/n]” type n
Step 8 : reset [Enter]
Step 9 : Then do the same thing as Step 5 to 12 in 2500 password recovery



Multiple LUNs (scsi_mod) and RHEL4

Multiple LUNs (scsi_mod) and RHEL4



I'm trying to kickstart a machine, and partition disks on 3 fibre
attached LUNs (lpfc/emulex), but the installer only sees the first one
(/dev/sda), and not the other two (/dev/sdb, /dev/sdc)

Out of the box, the RHEL4 initrd is configured to only discover a
single scsi LUN. In order to fix this, you have to use a custom
initrd:

# echo "options scsi_mod max_luns=xx" >> /etc/modprobe.conf
# mkinitrd -f
# reboot
(where xx > 1)

This works fine *after* the box is installed, but is there a way to
make this work during the kickstart install? I tried using some %pre
scripts, but it didn't work:

---ks.cfg---
...
%pre
rmmod scsi_mod
modprobe scsi_mod max_luns=128
...
%post
echo "options scsi_mod max_luns=255" >> /etc/modprobe.conf
mkinitrd -f -v
---ks.cfg---


Howto: Linux see new fiber channel attached disk LUNs without rebooting

Posted in Linux

Q. How do I force fdisk to see new fiber channel attached disk LUNs without rebooting my Linux server or system?

A. Hot swapping or hot plugging is the ability to remove and replace components of a machine, usually a computer, while it is operating. Once the appropriate software is installed on the computer, a user can plug and unplug the component without rebooting.

You can add new SCSI device to a Linux system through SCSI hotplug mechanism.

Type the following command as root user:

$ echo "scsi add-single-device 1 2 3 4">/proc/scsi/scsi

Where,

  • 1 - HBA number
  • 2 - channel id on the HBA
  • 3 - SCSI ID of the new device
  • 4 - LUN of the new device

You need to replace 1,2,3,4 with actual values or parameters as per above list.



http://www.cyberciti.biz/faq/howto-linux-see-new-fiber-channel-attached-disk-luns-without-rebooting/

星期六, 9月 09, 2006

Howto: build Linux kernel module against installed kernel w/o full kernel source tree

Recently I received a question via email:

How do I build Linux kernel module against installed or running Linux kernel? Do I need to install new kernel source tree from kernel.org?

To be frank you do not need a new full source tree in order to just compile or build module against the running kernel i.e an exploded source tree is not required to build kernel driver or module. The instruction outlined below will benefit immensely to a developers/power users.

This is essential because if you just want to compile and install driver for new hardware such as Wireless card or SCSI device etc. With following method, you will save the time, as you are not going to compile entire Linux kernel.

Please note that to work with this hack you just need the Linux kernel headers and not the full kernel source tree. Install the linux-kernel-headers package which provides headers from the Linux kernel. These headers are used by the installed headers for GNU glibc and other system libraries as well as compiling modules. Use following command to install kernel headers:
# apt-get install kernel-headers-2.6.xx.xx.xx

Replace xx.xx with your actual running kernel version (e.g. 2.6.8.-2) and architecture name (e.g. 686/em64t/amd64). Use uname -r command to get actual kernel version name. Please note that above command will only install kernel headers and not the entire kernel source-code tree.

All you need to do is change Makefile to use current kernel build directory. You can obtain this directory name by typing following command:
$ ls -d /lib/modules/$(uname -r)/buildOutput:

/lib/modules/2.6.15.4/build

Let, say you have .c source code file called hello.c. Now create a Makefile as follows in the directory containing hello.c program / file:
$ vi Makefile
Append following text:
obj-m := hello.o
KDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
default:
$(MAKE) -C $(KDIR) SUBDIRS=$(PWD) modules

Save and close the file. Type the following command to build the hello.ko module:
$ make

To load Linux kernel module type the command:
# modprobe hello

Updated for accuracy.


http://www.cyberciti.biz/tips/build-linux-kernel-module-against-installed-kernel-source-tree.html