Configure Security Administrator and FIPS User
Security Administrator and FIPS users perform all configuration tasks for Junos OS in FIPS mode and issue all statements and commands. Security Administrator and FIPS user configurations must follow the Junos OS in FIPS mode guidelines.
Configure Security Administrator
Junos OS in FIPS mode offers a finer granularity of user permissions than those
mandated by FIPS 140-3. For FIPS 140-3 compliance, any FIPS user with the
secret, security,
maintenance, and control permission set is
a Security Administrator. In most cases the super-user class
suffices for the Security Administrator.
Junos OS login classes define the access privileges, permissions for using CLI commands and statements. For details, see Login Classes Overview.
To configure login access for a Security Administrator:
Configure FIPS User Login
As a Security Administrator, you can set up FIPS users. The system does not permit FIPS users to have the permissions usually given to the Security Administrator—for example, the permission to zeroize the system.
To configure login access for a FIPS user: