S2720, S5700, and S6720 Series Ethernet Switches

Configuration Guide - Basic Configuration 2 Login Password Management

2 Login Password Management

About This Chapter

This section describes how to configure login passwords based on modular and
fixed switches of multiple versions.
2.1 What Is the Default Login Password?
2.2 Restore the Password for Console Port Login
2.3 Restore the Password for Telnet Login
2.4 Restore BootROM/BootLoad Password
2.5 Restore the Password for Web Login

2.1 What Is the Default Login Password?

For device security purposes, change the password periodically.

● Console port login

Table 2-1 Default passwords for console port login in different versions
Version Default User Default Password Default Level
Name

V200R013C0 admin admin@huawei.co 15

0 m

● Telnet login

Issue 05 (2020-03-20) Copyright © Huawei Technologies Co., Ltd. 22

S2720, S5700, and S6720 Series Ethernet Switches
Configuration Guide - Basic Configuration 2 Login Password Management

Table 2-2 Default passwords for Telnet login in different versions

Version Default User Default Password Default Level

Name

V200R013C00 None None None

● Web login

Table 2-3 Default passwords for web login in different versions

Version Default User Default Password Default Level

Name

V200R013 admin admin@huawei.co 15

C00 m

● BootROM menu login

Table 2-4 Default passwords for BootROM menu login to devices of different
versions

Version Default User Default Password Default Level

Name

V200R013 None Admin@huawei.co None

C00 m

The password may be huawei on a device that has been upgraded to the current version
from an earlier one.

2.2 Restore the Password for Console Port Login

If you forget the password for logging in through the console port, use either of
the following two methods to set a new password.

Logging In to the Switch Through STelnet or Telnet to Set a New Password

NOTICE

Telnet may bring security risks. You are advised to log in to the switch through
STelnet V2.

Ensure that you have an STelnet/Telnet account and administrator rights. The
following uses the command lines and outputs of logging in to the device using

Issue 05 (2020-03-20) Copyright © Huawei Technologies Co., Ltd. 23

S2720, S5700, and S6720 Series Ethernet Switches
Configuration Guide - Basic Configuration 2 Login Password Management

STelnet as an example. After logging in to the switch through STelnet, perform the
following configuration.
# Take password authentication as an example. Set the password to
Huawei@123.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] authentication-mode password
[HUAWEI-ui-console0] set authentication password cipher Huawei@123
[HUAWEI-ui-console0] return
<HUAWEI> save

# Take AAA authentication as an example. Set the user name and password to
admin123 and Huawei@123 respectively.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] authentication-mode aaa
[HUAWEI-ui-console0] quit
[HUAWEI] aaa
[HUAWEI-aaa] local-user admin123 password irreversible-cipher Huawei@123
[HUAWEI-aaa] local-user admin123 service-type terminal
[HUAWEI-aaa] return
<HUAWEI> save

Clearing the Lost Password Through the BootROM/BootLoad Menu

If the switch has two MPUs, remove the standby MPU before performing the following
operations. After performing the following operations, install the standby MPU and run the
save command to ensure the consistent configuration on the active and standby MPUs.
If multiple switches are stacked, power off the member switches. After completing the
following operations on the master switch, run the save command to ensure that the
configurations on the master switch can be synchronized after other member switches are
started.

You can use the BootROM/BootLoad menu of the switch to clear the lost
password for console port login. After starting the switch, set a new password and
save your configuration. Perform the following steps.
1. Connect the terminal to the console port of the switch and restart the switch.
When the following message is displayed, press Ctrl+B or Ctrl+E immediately
and enter the password to enter the BootROM/BootLoad menu.

Press Ctrl+B or Ctrl+E to enter BootLoad menu ... 2

password: //Enter the BootLoad password.

Some models of fixed switches allow you to enter the BootROM/BootLoad menu by
pressing Ctrl+E. Perform operations as prompted on the screen.
The command outputs of different versions on different devices may be different.
Therefore, the command outputs on your device may be different from that provided in
this example.
● The default BootROM password of fixed switches is huawei in versions earlier than
V100R006C03 and Admin@huawei.com in V100R006C03 and later.
● The default BootROM password of modular switches is 9300 in V100R006 and earlier
versions, and Admin@huawei.com in versions after V100R006.
2. Select Clear password for console user on the BootROM/BootLoad menu to
clear the password for console port login.

Issue 05 (2020-03-20) Copyright © Huawei Technologies Co., Ltd. 24

S2720, S5700, and S6720 Series Ethernet Switches
Configuration Guide - Basic Configuration 2 Login Password Management

3. Select Boot with default mode on the BootROM/BootLoad menu to start the
switch as prompted.

Do not select Reboot; otherwise, the password cannot be cleared.

4. After the switch is started, log in through the console port. Authentication is
not required when you log in. Set a password as prompted after login. (In
V200R009 and later versions, the authentication mode for console port login
is non-authentication after the device starts, and the system does not ask you
to configure an authentication password.)
5. You can set an authentication mode and password for the console user
interface according to service requirements.

Related Content
Videos
Recover the Console Port Login Password.

2.3 Restore the Password for Telnet Login

If you forget the Telnet login password, log in to the switch through the console
port and set a new password for Telnet login.

The following uses the command lines of the S7700 in V200R008C00 as an example.

# Logging in to the device through the console port.

1. Connect the DB9 female connector of the console cable to the serial port
(COM) on the PC, and connect the RJ45 connector to the console port on the
device.
2. Start the terminal emulation software on the PC. Create a connection, select
the connected port, and set communication parameters.
– Baud rate : 9600
– Data bits : 8
– Stop bits : 1
– Parity : None
– Flow Control : None
3. Click Connect. Enter or configure the login password as prompted to log in to
the switch.
# Take password authentication for VTY0 login as an example. Set the password
to Huawei@123.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] protocol inbound telnet //By default, switches in V200R006 and earlier versions
support Telnet, and switches in V200R007 and later versions support SSH.
[HUAWEI-ui-vty0] authentication-mode password
[HUAWEI-ui-vty0] set authentication password cipher Huawei@123
[HUAWEI-ui-vty0] user privilege level 15

Issue 05 (2020-03-20) Copyright © Huawei Technologies Co., Ltd. 25

S2720, S5700, and S6720 Series Ethernet Switches
Configuration Guide - Basic Configuration 2 Login Password Management

[HUAWEI-ui-vty0] return
<HUAWEI> save

# Take AAA authentication for VTY0 login as an example. Set the user name and
password to admin123 and Huawei@123 respectively.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] protocol inbound telnet //By default, switches in V200R006 and earlier versions
support Telnet, and switches in V200R007 and later versions support SSH.
[HUAWEI-ui-vty0] authentication-mode aaa
[HUAWEI-ui-vty0] quit
[HUAWEI] aaa
[HUAWEI-aaa] local-user admin123 password irreversible-cipher Huawei@123
[HUAWEI-aaa] local-user admin123 service-type telnet
[HUAWEI-aaa] local-user admin123 privilege level 15
[HUAWEI-aaa] return
<HUAWEI> save

2.4 Restore BootROM/BootLoad Password

If you forget the BootROM password, log in to the switch and run the reset boot
password command in the user view to restore the default BootROM password.
● The default BootROM password of fixed switches is huawei in versions earlier
than V100R006C03 and Admin@huawei.com in V100R006C03 and later.
● The default BootROM password of modular switches is 9300 in V100R006 and
earlier versions, and Admin@huawei.com in versions after V100R006.

2.5 Restore the Password for Web Login

If you forget the web login password, log in to the switch through the console
port, Telnet, or STelnet, and set a new password for web login.

NOTICE

Telnet may bring security risks. You are advised to log in to the switch through the
console port or STelnet.

# Set the user name and password to admin123 and Huawei@123 respectively.
<HUAWEI> system-view
[HUAWEI] aaa
[HUAWEI-aaa] local-user admin123 password irreversible-cipher Huawei@123
[HUAWEI-aaa] local-user admin123 service-type http
[HUAWEI-aaa] local-user admin123 privilege level 15
[HUAWEI-aaa] return
<HUAWEI> save

Issue 05 (2020-03-20) Copyright © Huawei Technologies Co., Ltd. 26