Jun 29, 2015 - How To: Reset or Change the Default MikroTik Password. And 8 years in LAN/WLAN design, configuration, implementation and monitoring.
Posted by3 years ago
Archived
I had an incident on our network where I needed to change the password on a lot of units. Anyone that has been responsible for more than a handful of units knows how daunting this task can be. Mikrotik makes password changing relatively easy assuming you have SSH enabled, but Ubiquiti really doesn’t like you poking around in the terminal; never mind changing the password.
After some research I was able to find a way to set the password, unattended, via SSH for both Ubiquiti and Mikrotik with a post-login command script. I was able to put together a small batch file that more or less automates the password changing for Mikrotik and Ubiquiti units as long as two requirements are met: SSH is enabled, all of the devices in the group have the same user name and password.
I put all of this into a small exe that includes all dependencies. It launches a windows and prompts for the user name, old password, new password, and IP address. After the information has been gathered it will launch kiTTy and take advantage of the delayed send command feature to change the password based on the information that was entered and then close once the password has been changed.
I also added the ability to read address lists to help further automate the process. Simply choose “Multi-Mode” from the option list and the exe will read the address lists. The address lists will be created in the users Documents folder, ip-mikrotik.txt and ip-ubnt.txt, the first time the program runs. “Single-Mode” allows the user to change the password one device at a time.
The process is far from automated. The user will still need to manually accept the RSA-Fingerprint for a new, trusted, device and you still have to type out individual IP addresses for the lists. It is also relatively slow in order to give each command time to complete before initiating the next. With all of this in mind if you have ever had to change a large amount of passwords at once you can appreciate any amount of streamlining and with 300+ units this executable helped speed the process up considerably.
I have tested this on Windows Server 2008 R2, Windows 8.1, and Windows 7, but you may need to “unblock” this executable in the properties window in order to launch it. It was a huge help for me and this sub has also helped in the past I wanted to return the favor. Hopefully it will work as well for you as it did for me.
The nitty-gritty:
The syntax that is used for launching kiTTy is as follows:
Here are the device specific commands that are sent based on the information set during the initialization:
Mikrotik:
Ubiquiti:
UPDATE:
After doing some more research. It would seem that the command line argument:
might be the way to fully automate this program. If this is true then this program will be doing all the tasks I wanted it to accomplish from the onset. I have done some initial testing, establishing SSH connections with about 15 new devices, and I haven't been prompted for an RSA-Fingerprint once. I will do a bit more testing before rebuilding the executable.
UPDATE 2:
Added new executable that seems to auto accept RSA Fingerprints.
Updated the Mikrotik portion of the password update based on a tip from /u/lazylion_ca that reduced the password sequence by three seconds. I have ~250 Mikrotik units, this really optimizes the time spent changing their passwords.
New Mikrotik Code Block:
Download Updated: [UbntTik AutoPass - Beta] (https://www.dropbox.com/s/cr6wz3vsb7q69q7/UbntTik-AutoPass-v0.9.zip?dl=0)
100% Upvoted
Posted by3 years ago
Archived
I had an incident on our network where I needed to change the password on a lot of units. Anyone that has been responsible for more than a handful of units knows how daunting this task can be. Mikrotik makes password changing relatively easy assuming you have SSH enabled, but Ubiquiti really doesn’t like you poking around in the terminal; never mind changing the password.
After some research I was able to find a way to set the password, unattended, via SSH for both Ubiquiti and Mikrotik with a post-login command script. I was able to put together a small batch file that more or less automates the password changing for Mikrotik and Ubiquiti units as long as two requirements are met: SSH is enabled, all of the devices in the group have the same user name and password.
I put all of this into a small exe that includes all dependencies. It launches a windows and prompts for the user name, old password, new password, and IP address. After the information has been gathered it will launch kiTTy and take advantage of the delayed send command feature to change the password based on the information that was entered and then close once the password has been changed.
I also added the ability to read address lists to help further automate the process. Simply choose “Multi-Mode” from the option list and the exe will read the address lists. The address lists will be created in the users Documents folder, ip-mikrotik.txt and ip-ubnt.txt, the first time the program runs. “Single-Mode” allows the user to change the password one device at a time.
The process is far from automated. The user will still need to manually accept the RSA-Fingerprint for a new, trusted, device and you still have to type out individual IP addresses for the lists. It is also relatively slow in order to give each command time to complete before initiating the next. With all of this in mind if you have ever had to change a large amount of passwords at once you can appreciate any amount of streamlining and with 300+ units this executable helped speed the process up considerably.
I have tested this on Windows Server 2008 R2, Windows 8.1, and Windows 7, but you may need to “unblock” this executable in the properties window in order to launch it. It was a huge help for me and this sub has also helped in the past I wanted to return the favor. Hopefully it will work as well for you as it did for me.
The nitty-gritty:
The syntax that is used for launching kiTTy is as follows:
Here are the device specific commands that are sent based on the information set during the initialization:
Mikrotik:
Ubiquiti:
UPDATE:
After doing some more research. It would seem that the command line argument:
might be the way to fully automate this program. If this is true then this program will be doing all the tasks I wanted it to accomplish from the onset. I have done some initial testing, establishing SSH connections with about 15 new devices, and I haven't been prompted for an RSA-Fingerprint once. I will do a bit more testing before rebuilding the executable.
UPDATE 2:
Added new executable that seems to auto accept RSA Fingerprints.
Updated the Mikrotik portion of the password update based on a tip from /u/lazylion_ca that reduced the password sequence by three seconds. I have ~250 Mikrotik units, this really optimizes the time spent changing their passwords.
New Mikrotik Code Block:
Download Updated: [UbntTik AutoPass - Beta] (https://www.dropbox.com/s/cr6wz3vsb7q69q7/UbntTik-AutoPass-v0.9.zip?dl=0)
100% Upvoted