JUNOS-FIPS offers a finer granularity of user permissions than those mandated by FIPS 140-2.
For FIPS 140-2 conformance, any JUNOS-FIPS user with the secret, security, maintenance, and control permission bits set is a Crypto Officer. In most cases the super-user class should suffice for the Crypto Officer.
A junos-fips-user can be defined as any JUNOS-FIPS user that does not have the secret, security, maintenance, and control permission bits set.
The following is an example Crypto Officer user configuration:
    [edit system]
    login {
        user crypto-officer {
            uid 6400;
            class super-user;
            authentication {
                encrypted-password "$sha1$2048$abcdef$87dfg4FGpim85qrs";
            }
        }
        class super-user {
            permissions all;
        }
    }
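The role definitions above can be checked against a login stanza. This is an added example, not Juniper's code: it reports a user as Crypto Officer when the user's class carries all four of the secret, security, maintenance, and control bits (or `all`), and as FIPS User otherwise. The sample configuration, the class names audit-ops and key-admin, and the treatment of an undefined class as having no permissions are assumptions made for the example.

```python
import re

CO_BITS = {"secret", "security", "maintenance", "control"}
# Permission sets of the predefined Junos login classes.
PREDEFINED = {"super-user": {"all"}, "read-only": {"view"}, "unauthorized": set(),
              "operator": {"clear", "network", "reset", "trace", "view"}}

def parse(text):
    """Parse curly-brace Junos config into nested dicts; leaves map to value lists."""
    text = re.sub(r"(?m)^\s*\[edit[^\]]*\]\s*$", "", text)  # drop "[edit ...]" banner
    root = {}
    stack, words = [root], []
    for tok in re.findall(r'"[^"]*"|[{};]|[^\s{};]+', text):
        if tok == "{":                      # open a container named by the pending words
            node = {}
            stack[-1][" ".join(words)] = node
            stack.append(node)
            words = []
        elif tok == "}":
            stack.pop()
        elif tok == ";":                    # leaf statement: keyword followed by values
            if words:
                stack[-1].setdefault(words[0], []).extend(words[1:])
            words = []
        elif tok.strip("[]"):               # ignore the brackets of "[ a b c ]" lists
            words.append(tok.strip("[]"))
    return root

def fips_roles(config_text):
    """Map each login user to 'Crypto Officer' or 'FIPS User' by class permissions."""
    login = parse(config_text).get("login", {})
    classes = dict(PREDEFINED)
    for key, body in login.items():
        if key.startswith("class ") and isinstance(body, dict):
            classes[key.split()[1]] = set(body.get("permissions", []))
    roles = {}
    for key, body in login.items():
        if key.startswith("user ") and isinstance(body, dict):
            # Assumption: a class that is not defined grants no permissions.
            perms = classes.get(body.get("class", ["unauthorized"])[0], set())
            is_co = "all" in perms or CO_BITS <= perms
            roles[key.split()[1]] = "Crypto Officer" if is_co else "FIPS User"
    return roles

SAMPLE = """[edit system]
login {
    class audit-ops { permissions [ view secret security ]; }
    class key-admin { permissions [ secret security maintenance control ]; }
    user crypto-officer { uid 6400; class super-user; }
    user alice { class key-admin; }
    user bob { class audit-ops; }
    user carol { class operator; }
}"""  # constructed sample, not taken from a real device
```

Running `fips_roles` over an exported configuration gives a quick list of every account that holds the Crypto Officer role, including accounts that reach it through a custom class rather than super-user.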