Disabling FIPS Mode
As Crypto Officer, you might need to disable FIPS mode on your switch to return it to non-FIPS operation.
For FIPS 140-2 compliance, you must zeroize the system to remove sensitive information before disabling FIPS mode on the switch.
To disable FIPS mode in Junos OS:
- Log in to the switch with your Crypto Officer password
if you have not already done so:crypto-officer@switch:fips>
- Follow the instructions in Zeroizing the System (FIPS Mode) to zeroize the switch.
- When the system finishes rebooting, log in to the switch
again with your Crypto Officer password and enter configuration mode:
— JUNOS 17.4R1-S4-20170816 04:12:22 UTCcrypto-officer@switch> configure
Entering configuration mode
- Commit the configuration change:
crypto-officer@switch:fips# commit configuration check succeeds commit complete