If you forget the root password for an SRX firewall device, you can use the password recovery procedure to reset the root password. This procedure also involves disabling the watchdog functionality to allow the system to properly boot into single-user mode
Procedure to follow
Power on the device by pressing the power button on the front panel. Verify that the POWER LED on the front panel turns green.The device’s boot sequence on your management device appears on the terminal emulation screen.
When the autoboot completes, press the Spacebar a few times to access the bootstrap loader prompt.
In operational mode, disable the watchdog functionality and enter boot -s to start up the system in single-user mode.
loader>boot -s
The SRX firewall device will start up in single-user mode.
Enter recovery to start the root password recovery procedure.
System watchdog timer disabled.
Enter full pathname of shell or ‘recovery’ for root password recovery or RETURN for /bin/sh: recovery
Enter configuration mode in the CLI.
Set the root password.
[edit]
user@host# set system root-authentication plain-text-password
Enter the new root password.
New password: juniper1
Retype new password:
At the second prompt, reenter the new root password.
If you are finished configuring the network, commit the configuration.
root@host# commit
commit complete
Exit from configuration mode and Exit from operational mode.
Enter y to reboot the device.
Reboot the system? [y/n] y
The start up messages display on the screen.
Once again, press the Spacebar a few times to access the bootstrap loader prompt.
In operational mode, enable the watchdog functionality and enter boot to start up the system.
loader>watchdog enable
loader>boot
The SRX firewall device starts up again and prompts you to enter a user name and password. Enter the newly configured password:
Deviceabc (ttyu0)
login: root
Password: juniper1