Disabling FIPS Mode
As Crypto Officer, you might need to disable FIPS mode on your router or switch to return it to non-FIPS operation.
For FIPS 140-2 compliance, you must zeroize the system to remove sensitive information before disabling FIPS mode on the router or switch.
To disable FIPS mode in Junos OS:
- Log in to the router or switch with your Crypto Officer
password if you have not already done so:crypto-officer@hostname:fips> request system zeroize
- The device will display below warning messages. Type in
“yes” to proceed with zeroization of device.
warning: System will be rebooted and may not boot without configuration Erase all data, including configuration and log files? [yes,no] (no) yes re0: -------------------------------------------------------------------------- warning: zeroizing re0
- Once zeroize is done, router will reboot with “Factory-default”
setting (without any configuration).
— JUNOS 17.3-20170807.0 built 2017-08-07 05:14:27 UTC
root@host:fips> configure
Entering configuration mode[edit]
root@host:fips#