
Unix Tip: Recovering control of a firmware password protected system

ITworld.com 1/10/2007

Sandra Henry-Stocker, ITworld.com


Firmware passwords can be a very useful security measure when you need to keep systems stable even though they may be exposed to unauthorized individuals, but they can also present a time-consuming challenge if you acquire such a system and don't know the password that was set, or if you forget it. Having recently purchased some used Sun systems off eBay, I quickly discovered that one of the systems had been configured with a firmware password that the seller didn't know, so I was forced to find a way to overcome this security setting before I could attempt to take control of the system and reinstall it.

For some systems, a forgotten firmware password is not especially troublesome. If you know the root password and the system will boot, you can boot the system and use the eeprom command to change the security settings that make the firmware password active. To inactivate a firmware password, set the security mode to "none" with this command:

# eeprom security-mode=none

The eeprom command, /usr/sbin/eeprom, is used to display or change the values of parameters stored in the EEPROM on your system. Of course, if the security mode is set to full, you will not be able to issue the boot command without knowing the firmware password. If this is the case with your system and/or you don't know the root password, gaining control can require some messy intervention. I ended up repowering the system, then pulling out and then reseating the system's NVRAM. At this point, the settings were lost. I was able to boot from CD and reinstall the system. I also had to reprogram the NVRAM. My MAC address, for example, which had reverted to all zeroes, needed to have a legitimate address.

If you are able to capture the system's original MAC address before you yank and replace the NVRAM, you can put it back using a procedure written up on www.squirrel.com. The following commands would set the MAC address and hostid of the system to 8:0:20:c0:ff:ee and 57c0ffee. The machine type in this example refers to an IPX -- a Sun system dating back to the mid-90s -- so you might want to first determine the correct system type for your system. Keep in mind, too, that you won't want to use the MAC address 8:0:20:c0:ff:ee for more than one system on your network.

1 0 mkp
real-machine-type 1 mkp
8 2 mkp
0 3 mkp
20 4 mkp
c0 5 mkp
ff 6 mkp
ee 7 mkp
0 8 mkp
0 9 mkp
0 a mkp
0 b mkp
c0 c mkp
ff d mkp
ee e mkp
0 f 0 do i idprom@ xor loop f mkp
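
The sequence above writes a 16-byte identity block: a format byte, the machine type, the six-byte MAC address, four zero bytes, the three low bytes of the hostid, and a final byte that the last line computes as the XOR of the first fifteen. The Python sketch below is an added example, not part of the original article or the squirrel.com procedure; it rebuilds those bytes, regenerates the mkp lines, and checks a captured block for the all-zero and bad-checksum states. The machine type 0x57 is assumed from the first byte of the example hostid, and all function names are hypothetical.

```python
# Added example (not from the article). Layout read off the mkp lines above:
# byte 0 = 1, byte 1 = machine type, 2-7 = MAC, 8-b = 0, c-e = hostid low
# bytes, f = XOR of bytes 0-e.

def xor_all(values):
    result = 0
    for v in values:
        result ^= v
    return result

def build_idprom(machine_type, mac, serial):
    """Return the 16 identity bytes for a machine type, MAC string and 24-bit serial."""
    mac_bytes = [int(part, 16) for part in mac.split(":")]
    if len(mac_bytes) != 6 or not all(0 <= b <= 0xFF for b in mac_bytes):
        raise ValueError("MAC must be six hex bytes separated by ':'")
    if not 0 <= machine_type <= 0xFF or not 0 <= serial <= 0xFFFFFF:
        raise ValueError("machine type is one byte, serial is three bytes")
    body = [0x01, machine_type] + mac_bytes + [0, 0, 0, 0]
    body += list(serial.to_bytes(3, "big"))
    return body + [xor_all(body)]

def hostid(idprom):
    """Hostid is the machine type byte followed by bytes c, d and e."""
    return "%02x%02x%02x%02x" % (idprom[1], idprom[12], idprom[13], idprom[14])

def problems(idprom):
    """List reasons a captured 16-byte block should not be trusted."""
    if len(idprom) != 16:
        return ["expected 16 bytes, got %d" % len(idprom)]
    found = []
    if idprom[0] != 0x01:
        found.append("format byte is not 1")
    if not any(idprom[2:8]):
        found.append("MAC address is all zeroes")
    if xor_all(idprom[:15]) != idprom[15]:
        found.append("checksum byte does not match XOR of bytes 0-e")
    return found

def mkp_commands(idprom):
    """Render the firmware prompt lines; the last one has the PROM compute the checksum."""
    lines = ["%x %x mkp" % (value, offset) for offset, value in enumerate(idprom[:15])]
    return lines + ["0 f 0 do i idprom@ xor loop f mkp"]

if __name__ == "__main__":
    block = build_idprom(0x57, "8:0:20:c0:ff:ee", 0xC0FFEE)  # values from the article
    print("hostid", hostid(block), "checksum %x" % block[15])
    print("\n".join(mkp_commands(block)))
    print(problems([0] * 16))  # constructed: block after the NVRAM lost its contents
```

Recording the 16 bytes before pulling the NVRAM and running them through problems() afterwards confirms that the restored block matches what was captured.
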

In my case, I was installing the SPARC system for use on my home network and I wanted Solaris 10. Once I got past the firmware password problem, the rest of the install went smoothly and the system is running well. You can sometimes acquire Sun systems (e.g., Netra X1s, SunFire V100s, SunBlades and such) for between $20 and $100. If you would like a Solaris playground to learn things you might not have an opportunity to try on production systems at work, you might get some good buys on eBay. Just be prepared. You may have to wrestle with some of your wins before you can put them into service.


Sandra Henry-Stocker has been administering Unix systems for more than 18 years. She describes herself as "USL" (Unix as a second language) but remembers enough English to write books and buy groceries. She currently works for TeleCommunication Systems, a wireless communications company, in Annapolis, Maryland, where no one else necessarily shares any of her opinions. She lives with her second family on a small farm on Maryland's Eastern Shore. Send comments and suggestions to bugfarm@gmail.com.





Copyright © Computerworld, Inc. All rights reserved

Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.