Juniper Networks J-Series Network Router User Manual


 
Encrypting Configuration Files
To encrypt configuration files on a Services Router:
1. Enter operational mode in the CLI.
2. To configure an encryption key in EEPROM and determine the encryption
process, enter one of the request system set-encryption-key commands described
in Table 103 on page 204.
Table 103: request system set-encryption-key Commands
DescriptionCLI Command
Sets the encryption key and enables default configuration file encryption as follows:
AES encryption for the Canada and U.S. version of the JUNOS software
DES encryption for the international version of the JUNOS software
request system set-encryption-key
Sets the encryption key and specifies configuration file encryption by DES.
request system set-encryption-key
algorithm des
Sets the encryption key and enables default configuration file encryption with a unique
encryption key that includes the chassis serial number of the Services Router.
Configuration files encrypted with the unique key can be decrypted only on the current
router. You cannot copy such configuration files to another router and decrypt them.
request system set-encryption-key
unique
Sets the encryption key and specifies configuration file encryption by DES with a
unique encryption key.
request system set-encryption-key des
unique
For example:
user@host> request system set-encryption-key
Enter EEPROM stored encryption key:
3. At the prompt, enter the encryption key. The encryption key must have at least
6 characters.
Enter EEPROM stored encryption key:juniper1
Verifying EEPROM stored encryption key:
4. At the second prompt, reenter the encryption key.
5. Enter configuration mode in the CLI.
6. To enable configuration file encryption to take place, enter the following
commands:
user@host# edit system
204 Encrypting and Decrypting Configuration Files
J-series Services Router Administration Guide