华三交换机如何清除Console口密码

在企业网络运维管理中，Console 口 是网络设备（如华三交换机）最核心的本地管理通道，也是远程登录失效、系统异常时的最后运维生命线 。为保障设备本地访问安全，生产环境通常会为 Console 口配置严格的认证密码。但在实际运维过程中，常因人员交接密码未同步、长期未登录导致密码遗忘、配置变更后密码记录丢失等情况，造成无法通过 Console 口登录设备，直接阻断本地管理路径。

当远程管理（SSH/Telnet）因网络故障、配置错误不可用时，Console 口密码锁定将导致设备完全无法运维，严重影响故障排查、配置恢复与业务恢复效率。因此，掌握华三交换机Console 口密码清除与重置方法，是快速解除设备登录锁定、恢复本地管理权限、保障网络运维连续性的关键技能，对提升故障应急响应能力、降低运维风险具有重要意义。

步骤 1 进入bootroom菜单清除Consle密码。通过conlse线和Secure CRT软件连接并登录设备，然后断电重启设备。在配置终端的屏幕上显示如下信息，当出现**"press Ctrl+B"** 的时候快速按住**"Ctrl+B"**进入botroom菜单。

System is starting...
Press Ctrl+D to access BASIC-BOOTWARE MENU
Booting Normal Extend BootWare
The Extend BootWare is self-decompressing.......................Done!
BootWare Validating...
Press Ctrl+B to enter extended boot menu...

BotWare password: Not required. Please press Enter to continue.

Password recovery capability is enabled.

Note: The current operating device is flash

Enter < Storage Device Operation > to select device.

步骤 2进入bootroom主菜单，查看是否使能密码恢复功能。

Password recovery capability is enabled. //enabled使能密码恢复功能。

Note: The current operating device is flash

Enter < Storage Device Operation > to select device.

=====================<EXTENDBOOTWARE MENU>=================

|<1> Boot System |

|<2> Enter Serial SubMenu |

|<3> Enter Ethernet SubMenu

|<4> File Control |

|<5> Restore to Factory Default Configuration //恢复到出厂默认配置

|<6> Skip Current System Configuration //跳过当前系统配置启动

|<7> BootWare Operation Menu |

|<8> Clear Super Password |

|<9> Storage Device Operation |

|<0> Reboot //重启设备

=============================================================

Ctrl+Z: Access EXTEND-ASSISTANT MENU

Ctrl+F: Format File System

Enter your choice(0-9):

Flag Set Success.

步骤 3 进入bootroom主菜单，然后选择"<6> Skip Current System Configuration"跳过当前系统配置启动，此时设备不会删除上次启动时加载的配置文件，不同设备可能不是数字6。

有部分系列交换机型号可以使用如下方法清除console口密码：

重启设备进入BootWare主菜单，选择<6>，即以忽略系统当前配置的方式启动，此时设备不会删除上次启动时加载的配置文件。

Password recovery capability is enabled.

Note: The current operating device is flash

Enter < Storage Device Operation > to select device.

=======================<EXTENDED-BOOTWARE MENU>=============

|<1> Boot System |

|<2> Enter Serial SubMenu |

|<3> Enter Ethernet SubMenu |

|<4> File Control |

|<5> Restore to Factory Default Configuration |

|<6> Skip Current System Configuration |

|<7> BootWare Operation Menu |

|<8> Skip Authentication for Console Login |

|<9> Storage Device Operation |

|<0> Reboot |

============================================================================

Ctrl+Z: Access EXTENDED ASSISTANT MENU

Ctrl+F: Format File System

Ctrl+C: Display Copyright

Enter your choice(0-9): 6

系统出现如下提示表明已经设置成功。

Flag Set Success.

当再次出现BootWare主菜单时，选择<1>，设备开始启动。

重启设备后，设备的配置为空，用户可以在系统视图下配置回滚恢复原有配置，如下配置表示将当前配置回滚到配置文件startup.cfg中的配置状态。如果用户不想恢复原有配置，请跳过此步骤。

<Sysname> system-view
$Sysname\] configuration replace file flash:/startup.cfg Current configuration will be lost, save current configuration? \[Y/N\]:n Now replacing the current configuration. Please wait ... Succeeded in replacing current configuration with the file flash:/startup.cfg. 5. 在系统视图下设置新的Console口的登录认证模式和密码，例如：设置Console口验证方式为密码验证，且以明文方式设置Console口的密码为123456。 \ system-view \[Sysname\] line console 0 \[Sysname-line-console0\] authentication-mode password \[Sysname-line-console0\] set authentication password simple 123456 6. 保存新配置。 \[Sysname-line-console0\] save$

Password recovery capability is enabled. //enabled使能密码恢复功能。

Note: The current operating device is flash

Enter < Storage Device Operation > to select device.

=====================<EXTENDBOOTWARE MENU>=================

|<1> Boot System |

|<2> Enter Serial SubMenu |

|<3> Enter Ethernet SubMenu

|<4> File Control |

|<5> Restore to Factory Default Configuration //恢复到出厂默认配置

|<6> Skip Current System Configuration //跳过当前系统配置启动

|<7> BootWare Operation Menu |

|<8> Clear Super Password |

|<9> Storage Device Operation |

|<0> Reboot //重启设备

=============================================================

Ctrl+Z: Access EXTEND-ASSISTANT MENU

Ctrl+F: Format File System

Enter your choice(0-9): 6 //跳过当前系统启动的配置文件

Flag Set Success.

步骤 4 输入0，然后自动重启设备。

====================<EXTEND-BOOTWARE MENU>================

|<1> Boot System |

|<2> Enter Serial SubMenu |

|<3> Enter Ethernet SubMenu |

|<4> File Control |

|<5> Restore to Factory Default Configuration |

|<6> Skip Current System Configuration |

|<7> BootWare Operation Menu |

|<8> Clear Super Password |

|<9> Storage Device Operation |

|<0> Reboot |

=================================================================

Ctrl+Z: Access EXTEND-ASSISTANT MENU

Ctrl+F: Format File System

Enter your choice(0-9): 0 //输入0重启设备

System is starting...

Press ENTER to get started.

步骤 5如不需要配置，直接跳过启动文件后直接保存当前空配置，再重启设备。

<H3C> save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[flash:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):（输入回车）

flash:/startup.cfg exists, overwrite? [Y/N]:y

Validating file. Please wait...

Configuration is saved to device successfully.

<H3C>reboot

Start to check configuration with next startup configuration file, please wait.........DONE!

Current configuration may be lost after the reboot, save current configuration? [Y/N]:y

This command will reboot the device. Continue? [Y/N]:y

步骤 6如需要之前的配置，导出当前配置文件备份再清除密码，然后再导入配置文件覆盖。

备份配置文件

<H3C>

#Apr 26 12:02:07:166 2000 H3C SHELL/4/LOGIN:

Trap 1.3.6.1.4.1.25506.2.2.1.1.3.0.1<hh3cLogIn>: login from Console

%Apr 26 12:02:07:306 2000 H3C SHELL/5/SHELL_LOGIN: Console logged in from aux0.

<H3C> copy startup.cfg startup_bak.cfg //复制一份配置文件进行备份

<H3C>dir //查看设备配置文件

Directory of flash:/

1 drw- - Apr 26 2000 12:00:20 logfile

2 -rw- 1666 Apr 26 2000 12:05:39 startup.cfg

3 -rw- 1556 Apr 26 2000 12:05:33 startup_bak.cfg

4 -rw- 151 Apr 26 2000 12:05:30 system.xml

29106 KB total (16876 KB free)

给设备和电脑配置成同网段IP地址，在电脑上通过3CD、MobaXterm软件搭建tftp服务器。

<H3C> system-view

System View: return to User View with Ctrl+Z.

H3C\]interface Vlan-interface 1 \[H3C-Vlan-interface1\] ip address 192.168.100.1 24 \[H3C-Vlan-interface1\]quit \[H3C\] ping 192.168.100.2 PING 192.168.100.2: 56 data bytes, press CTRL_C to break Reply from 192.168.100.2: bytes=56 Sequence=1 ttl=128 time=7 ms Reply from 192.168.100.2: bytes=56 Sequence=2 ttl=128 time=2 ms 3. 设备上传配置文件至tftp服务器。 \tftp 192.168.100.2 put startup.cfg File will be transferred in binary mode Sending file to remote TFTP server. Please wait... \| TFTP: 1666 bytes sent in 0 second(s). File uploaded successfully. \ 设备文件上传成功，tftp服务器下载成功。 4. 清除console密码。 可以到本地相关路径查看到相关文件，需要恢复之前配置解决方法：删除密码恢复之前配置文件 （1）使用记事本打开startup.cfg文件 。 （2）删除aux0口下的认证方式和密码并保存文件。 5. 覆盖当前配置文件。 \ tftp 192.168.100.20 get startup.cfg The file startup.cfg exists. Overwrite it? \[Y/N\]:y //选择y，确认覆盖文件。 Verifying server file... Deleting the old file, please wait... ... File will be transferred in binary mode Downloading file from remote TFTP server, please wait.... TFTP: 1166 bytes received in 0 second(s) File downloaded successfully. \ reboot Start to check configuration with next startup configuration file, please wait.........DONE! Current configuration may be lost after the reboot, save current configuration? \[Y/N\]:**n 不保存配置** This command will reboot the device. Continue? \[Y/N\]:**y 确定继续重启** ****步骤 7****重启设备后，Console口密码清除成功，原始配置依然存在，不影响现有网络。