Configuring Security Administrator and FIPS User Identification and Access
Security Administrator and FIPS users perform all configuration tasks for Junos OS in FIPS mode and issue all Junos OS in FIPS mode statements and commands. Security Administrator and FIPS user configurations must follow Junos OS in FIPS mode guidelines.
Configuring Security Administrator Login Access
Junos OS in FIPS mode offers a finer granularity of user permissions than those mandated by FIPS 140-3.
For FIPS 140-3 compliance, any FIPS user with the secret
,
security
, maintenance
, and
control
permission bits set is a Security Administrator. In
most cases the super-user
class suffices for the Security
Administrator.
To configure login access for a Security Administrator:
Configuring FIPS User Login Access
A fips-user
is defined as any FIPS user that does not have the
secret
, security
,
maintenance
, and control
permission bits set. As
the Security Administrator, you set up FIPS users.
To configure login access for a FIPS user: