Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Zeroizing the System

As Crypto Officer, the administrator run the request system zeroize command to remove all user-created files from a device and replace the user data with zeros. This command completely erases all configuration information on the Routing Engines, including all rollback configuration files and plain-text passwords, secrets, and private keys for SSH, local encryption, local authentication, and IPsec.

To zeroize the device:

CAUTION:

Perform system zeroization with care. After the zeroization process is complete, no data is left on the Routing Engine. The device is returned to the factory default state, without any configured users or configuration files.

Note:

Key destructions will always be completed if zeroization is allowed to finish.

  1. Connect to the device on the console port. Enter the following command:
    Note:

    Console connection is required since the device will not have any configurations on it to allow connections on the management interface.
  2. To initiate the zeroization process, type yes at the prompt:

    The entire operation can take considerable time depending on the size of the media, but all critical security parameters (CSPs) are removed within a few seconds. The physical environment must remain secure until the zeroization process is complete.

Related Documentation