Override Local Admin on FortiSwitches managed by FortiGate

Ever need to SSH directly into a FortiSwitch that is managed by a FortiGate and don’t have the password?

It's not a good time.

Luckily, there is a way to override / change the local admin password on all managed FortiSwitches at the same time!

By default, each FortiSwitch has an admin account without a password. To replace the admin passwords for all FortiSwitch units managed by a FortiGate, use the following commands from the FortiGate CLI:

config switch-controller switch-profile
edit default
set login-passwd-override {enable | disable}
set login-passwd <password>
next
end

If you had already applied a profile with the override enabled and the password set and then decide to remove the admin password, you need to apply a profile with the override enabled and no password set; otherwise, your previously set password will remain in the FortiSwitch.

For example:
config switch-controller switch-profile
edit default
set login-passwd-override enable
unset login-passwd
next
end


Then run the first set of commands posted with the desired password.
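
To check the result from a saved FortiGate configuration backup, the following added example (not part of the original post) parses the `config switch-controller switch-profile` section and flags profiles that leave the FortiSwitch admin account unmanaged or blank. It assumes the backup uses the same `edit`/`set`/`next`/`end` layout as the commands above and stores the password as `set login-passwd ENC <value>`; the sample config, the function names and the finding texts are constructed for illustration.

```python
SECTION = "config switch-controller switch-profile"

# Constructed sample backup excerpt; the ENC value is a placeholder.
SAMPLE = '''\
config switch-controller switch-profile
    edit "default"
        set login-passwd-override enable
        set login-passwd ENC PLACEHOLDER==
    next
    edit "lab"
        set login-passwd-override enable
    next
    edit "branch"
    next
end
'''

def parse_switch_profiles(config_text):
    """Return {profile: {setting: value}} from the switch-profile section."""
    profiles, current, depth = {}, None, 0
    for line in (raw.strip() for raw in config_text.splitlines()):
        if depth == 0:
            depth = 1 if line == SECTION else 0
        elif line.startswith("config "):
            depth += 1                      # nested table: skip its contents
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            current = line[5:].strip().strip('"')
            profiles[current] = {}
        elif depth == 1 and line == "next":
            current = None
        elif depth == 1 and current is not None and line.startswith("set "):
            _, key, *value = line.split(None, 2)
            profiles[current][key] = value[0] if value else ""
    return profiles

def audit(profiles):
    """Flag profiles that leave the FortiSwitch admin password unmanaged or blank."""
    findings = {}
    for name, settings in profiles.items():
        if settings.get("login-passwd-override") != "enable":
            findings[name] = "override disabled: switch keeps its own admin password (blank by default)"
        elif not settings.get("login-passwd"):
            findings[name] = "override enabled with no password: admin password is cleared"
    return findings

if __name__ == "__main__":
    for name, issue in audit(parse_switch_profiles(SAMPLE)).items():
        print(f"{name}: {issue}")
```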
