Automatic Installation of Configuration files (J Series Routers)

On J Series routers, you can specify a remote server where configuration files are located. If a configuration file cannot be found on the router’s CompactFlash card, the router automatically retrieves the configuration file from this remote server. For security purposes, you can encrypt these remote files using the DES cipher, and once they have been retrieved, the router decrypts them for use on the server.

To encrypt the files, we recommend the openSSL tool. You can get the openSSL tool at: http://www.openssl.org/. To encrypt the file, use the following syntax:

% openssl enc -des -k passphrase -in original-file -out encrypted-file 

• passphrase—Passphrase used to encrypt the configuration file. The passphrase should be the name of the file without the path information or file extension.
• original-file—Unencrypted configuration file.
• encrypted-file—Name of the encrypted configuration file.

For example, if you are encrypting the active configuration file juniper.conf.gz, the passphrase is juniper.conf. The openSSL syntax used to encrypt the file is:

% openssl enc -des -k juniper.conf -in juniper.conf.gz -out juniper.conf.gz.enc 

For more information about the automatic installation feature, see the J Series Services Router Administration Guide.