Brian at brianhouk dot com
This paper is to assist you in recovering a BIGIP or 3DNS system with a lost password.
BIGIP - Version 1.8.3 - 4.2 and 3DNS Version 1.0.6 - 4.0.1.
This is really easy to figure out on your own, I just figured I'd write something quick on it to assist others in the same situation.
Recently my company purchased 2 bigip FHA+'s from the company
which had liquidated a large dot com here in chicago, unfortunately we purchased
two BIGIP's which hadn't had their configurations reset on them. In contacting
F5 I was told that we would need to buy support contracts from F5 in order
to obtain assistance in resetting the passwords. So instead of paying for
support to get the passwords reset I figured it out myself, and here are the
steps I took in resetting the passwords:
Step 1: as the machine is booting, you can break the boot sequence by hitting any key on the keyboard. When you've broken it you're sitting at a boot prompt you're going to want to type /boot -s this will boot to a single user shell rather than checking filesystems and taking you into multiuser mode.
Step 2:You now are sitting at the CLI in single user mode. Type /sbin/mount -u /. This will allow you to do maintenance in single usermode by allowing writes to files on /. It's mounted read-only to start with so if you're planning on writing to it(which you'll need to do to reset passwords) you'll need to issue that command to be able to write to it.
Step 3:Now you're going to have to mount your /usr partition, all of the sets of BIGIP's that I have access to all have the same setup /usr is on /dev/wd0h, hopefully this will be the same on yours. . . I've checked five sets and they're all the same. So we'll assume /dev/wd0h is going to be mounted to /usr. So issue the command /sbin/fsck /dev/wd0h and then /sbin/mount /dev/wd0h /usr, after those commands have been issued your /usr partition will now be mounted so you have access to the files stored on it.
Step 3:Now that you have /usr mounted you're going to want to change the password issue the command /usr/bin/passwd You will not be prompted for the old password, you will however be prompted for what you want the new password to be.
Step 4:Now you just need to sync the filesystems to ensure all pending disk writes are finished or have finished. So issue the command sync and then reboot the BIGIP.
Now you're done, you can login to your bigip when it's done configuring it and do whatever you have to do. When I initially logged into ours I had a problem because it was trying to fail over, it would give me about 25 seconds after logging in before it would reboot because it was trying to fail over to the other BIGIP since there was no traffic coming into it. You can make this go away very easily, just login to the console as root and type bigpipe -r that command resets the BIGIP configuration so it will stop attempting to fail over and stop rebooting when trying to fail over. For configuration of your BIGIP may i suggest you take a good look at the bigpipe manpage.
The following was e-mailed to me and may be helpful to you if you're using a newer BIGIP. Thanks AAron!
----- Original Message ---- From: Aaron Edwards To: Brian Houk Sent: Sunday, May 4, 2008 9:59:40 PM Subject: F5 password recovery Hi Brian, I recently needed to recover a root password on a BIG-IP running 4.6.3, that was out of support. Your directions didn't work on that release, but I was able to figure it out using yours as a baseline. After interrupting the boot, if you type "/boot -s", the device will hang. If you use the command "/bsd -s", it works like a champ. Everything else in your guide worked great. Also, I found out you could use the BSDI boot commands ("-ls dirname", "-cat filename") to look at directories and view files from the boot prompt. This helped me find the correct kernel name.
If you have any questions or find any information contained in this document which is incorrect I would appreciate an e-mail. brian at brianhouk dot com