Statement introduced in Junos OS Release 17.3R2 for NFX series.
Following FIPS password guidelines, use the prompt command, in configuration mode, to specify one key (password) value each for the authentication algorithm and the encryption algorithm in an internal IPsec security association (SA) between internal Routing Engines. You must specify a value for each algorithm.
We recommend using the hexadecimal format for maximum key strength.
You must enter the hexadecimal value for each key twice, and the strings entered must match; otherwise, the key is not set. The hexadecimal key value is never displayed in plain text.
hexadecimal key-value—The encrypted hexadecimal key value:
For the authentication algorithm (HMAC-SHA-256), enter a key consisting of 64 hexadecimal characters.
For the encryption algorithm (3DES-CBC), enter a key consisting of 48 hexadecimal characters.
Required Privilege Level
maintenance—To add and view this statement in the configuration.