Password Reset Doesn't Hold - ICX7150-C12P

[nohm.saiyan]

Recently, I purchased a used Ruckus ICX7150-C12P from ebay that seems to have a non-default password on it, and also had a corrupted primary partition. I'd like to avoid that hassle of returning it, and hunting down a new one. Plus I got this to tinker with, anyway.

Anyhow - I was able to recover the primary partition by booting through TFTP, and then copying the latest revision (08095d w/ mnz10115.bin bootloader) to the primary partition. That seems to have succeeded. However, the password issue that was affecting the secondary partition, also affects the primary.

Using the "no password" command in the boot loader does allow me to log into the primary partition, where I enter the following:
ICX7150-C12 Router> en
ICX7150-C12 Router(conf)# conf t
ICX7150-C12 Router(conf)# enable super-user-password password
ICX7150-C12 Router(conf)# wr mem
ICX7150-C12 Router(conf)# end
ICX7150-C12 Router# reload

The switch warm reboots to the primary partition where it prompts for login. The password I've setup isn't recognized.

While digging for solutions, I came across a few posts where Lennar home owners were also unable to log into their ICX7150-C12. Some were, with the password "Lennar". I've confirmed with the seller, that this switch did come from a Lennar home.

I've must've tried every iteration of username (root, admin, super, Lennar, etc.) and password (sp-admin, password, admin, Lennar, Ruckus!, Ruckus). I've tried factory resetting it many times, but it doesn't seem to change anything for me.
It's almost 4am, and I'm stumped.
I'm down to just hoping someone here has heard of this, or knows what can be done to truly nuke the password on an ICX7150.

 

[nohm.saiyan]

Wow, I guess I just needed to write this up, because I've just stumbled into the solution. Apparently all the previous factory resets that I've done, actually depend on the primary partition having a functional OS to do so. I dunno why I assumed it worked on a lower level than that, but now it seems that the factory reset hardware simply flags to the OS to perform the reset.

Huh. Well, maybe this well help someone else some day.

 

[fohdeesha]

Wow, I guess I just needed to write this up, because I've just stumbled into the solution. Apparently all the previous factory resets that I've done, actually depend on the primary partition having a functional OS to do so. I dunno why I assumed it worked on a lower level than that, but now it seems that the factory reset hardware simply flags to the OS to perform the reset.

Huh. Well, maybe this well help someone else some day.

yup, it's performed entirely in the OS. I posted details on the routine in the ICX megathread we have here:

as we already have the "factory set-default" command, which does the same thing but is more thorough. Here's the factory set-default routine: ICX7150 u-boot factory default routine

This one is even simpler, it just sets a u-boot environment variable named fips_reset to a value of "fipsreset" (the value is usually blank). In u-boot this is one of many environment variables that get appended to the boot argument that gets sent to linux (/proc/cmdline). So by default when it's blank, nothing is appended, but when it's set, the word "fipsreset" is appended to what gets passed to /proc/cmdline - then if we look in the linux OS, at the main init script that brings the system and then fastiron up, we see a routine that specifically searches for "fipsreset" in the cmdline, and if it's found, deletes pretty much everything (except licenses) - FI 8080b fips_reset routine (from /etc/init.sh)