security
Syntax
security {
authentication-key-chains {
key-chain key-chain-name {
key key {
secret secret-data;
start-time yyyy-mm-dd.hh:mm:ss;
}
}
certificates {
cache-size bytes;
cache-timeout-negative seconds;
certification-authority ca-profile-name {
ca-name ca-identity;
crl file-name;
encoding (binary | pem);
enrollment-url url-name;
file certificate-filename;
ldap-url url-name;
}
enrollment-retry attempts;
local certificate-filename {
certificate-key-string;
load-key-file key-file-name;
}
maximum-certificates number;
path-length certificate-path-length;
}
ssh-known-hosts {
host {
fetch-from-server host-name;
load-key-file file-name;
}
}
traceoptions {
file filename <files number> <size size>;
flag flag;
level level;
no-remote-trace
}
}
Hierarchy Level
[edit]
Description
CAUTION:
Enabling tracing can adversely impact scale and performance and may increase security risk. We strongly recommend using the trace, tracing, or traceoptions commands only under the guidance of a JTAC support engineer. After collecting the debug information, immediately disable tracing to minimize risk and restore normal system performance.
Configure security services. Most of the configuration statements do not have default values. If you do not specify an identifier for a statement that does not have a default value, you cannot commit the configuration.
Options
Required Privilege Level
Release Information
Statement introduced in Junos OS Release 11.1.