How to Enable and Configure Junos OS in FIPS Mode of Operation
You, as Cryptographic Officer, can enable and configure Junos OS in FIPS mode of operation on your device. Before you begin enabling and configuring FIPS mode of operation on the device:
Verify the secure delivery of your device. See Identifying Secure Product Delivery.
To enable the Junos OS in FIPS mode of operation, perform the following steps:
- Zeroize the device before enabling FIPS mode of operation
user@host> request system zerioze
- Delete the web management services.
user@host# delete system services web-management https
- Enable the FIPS mode on the device.
user@host# set system fips level 2
- Set the root password.
user@host# set system root-authentication plain-text-password
New password: type password here
Retype new password: retype password here
- Remove the CSPs on commit check and reboot the device.
- After you reboot the device, perform integrity and self-tests when the module is operating in FIPS mode.
user@host:fips> show version Hostname: host-srx380 Model: srx380-poe-ac Junos: 20.4R1 JUNOS Software Release [20.4R1]