Recover the Root Password for vSRX Virtual Firewall in a KVM Environment

If you forget the root password for a vSRX Virtual Firewall instance deployed in a KVM environment, use this password recovery procedure to reset the root password. (KB article 31790).

Note:

You need console access to recover the root password

To recover the root password for a vSRX Virtual Firewall instance:

Reboot the vSRX Virtual Firewall instance by entering the virsh reboot command, specifying either domain-id or domain-name.
Immediately attempt to login to the vSRX Virtual Firewall instance by entering the virsh console domain-name command to access the vSRX Virtual Firewall console.
Note:
We recommend that you specify domain-name when attempting the vSRX Virtual Firewall instance login. It is possible that domain-id might change after the vSRX Virtual Firewall instance reboot.
After login you will see a prompt similar to Escape character is ^]. Press Enter two or three times until the boot process begins. Continue with the boot process until you see the following prompt:
Press the space bar two or three times to stop the boot sequence, and then enter boot -s to login to single-user mode.
Enter recovery to start the root password recovery procedure.
Once the script terminates you will be in vSRX Virtual Firewall operational mode.
Enter configuration mode in the CLI.

Set the root password.

Enter the new root password.

At the second prompt, reenter the new root password.
If you are finished configuring the new root password for the vSRX Virtual Firewall instance, commit the configuration.
Exit from configuration mode.
Exit from operational mode.
Enter y to reboot the device.
The start up messages display on the screen.
Once again, press the space bar two or three times to access the bootstrap loader prompt.
The vSRX Virtual Firewall instance starts up again and prompts you to enter a user name and password. Enter the newly configured password.