encryption

Syntax

Hierarchy Level

Release Information

Statement introduced before JUNOS Release 7.4.

aes-128-cbc, aes-192-cbc, and aes-256-cbc options added in JUNOS Release 7.6.

Description

Configure an encryption algorithm and key for manual SA.

Options

algorithm—Type of encryption algorithm. The algorithm can be one of the following:

• des-cbc—Has a block size of 8 bytes (64 bits); the key size is 48 bits long.
• 3des-cbc—Has a block size of 8 bytes (64 bits); the key size is 192 bits long.
• aes-128-cbc—Advanced Encryption Standard (AES) 128-bit encryption algorithm.
• aes-192-cbc—Advanced Encryption Standard (AES) 192-bit encryption algorithm.
• aes-256-cbc—Advanced Encryption Standard (AES) 256-bit encryption algorithm.

  Note: For 3des-cbc, the first 8 bytes should differ from the second 8 bytes, and the second 8 bytes should be the same as the third 8 bytes.

key—Type of encryption key. The key can be one of the following:

• ascii-text—ASCII text key. Following are the key lengths, in ASCII characters, for the different encryption options:
  • des-cbc option, 8 ASCII characters
  • 3des-cbc option, 24 ASCII characters
  • aes-128-cbc option, 16 ASCII characters
  • aes-192-cbc option, 24 ASCII characters
  • aes-256-cbc option, 32 ASCII characters
• hexadecimal—Hexadecimal key. Following are the key lengths, in hexadecimal characters, for the different encryption options:
  • des-cbc option, 16 hexadecimal characters
  • 3des-cbc option, 48 hexadecimal characters
  • aes-128-cbc option, 32 hexadecimal characters
  • aes-192-cbc option, 48 hexadecimal characters
  • aes-256-cbc option, 64 hexadecimal characters

Usage Guidelines

See Configuring Encryption.

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.