Protect Network Security by Configuring the Root Password
Configure the root password on your Juniper Networks device to help prevent unauthorized users from making changes to your network. The root user (also referred to as superuser) has unrestricted access and full permissions within the system, so it is crucial that you protect this account by setting a strong password when setting up a new device.
After you initially power on a new device, you log in as the user
root
with no password. The software requires you to configure
the root password before it accepts a commit operation.
To set the root password, you have three options:
-
Enter a plain-text password that the software encrypts.
-
Enter a password that is already encrypted.
-
Enter a Secure Shell (SSH) public key string.
Among these options, using a pre-encrypted password or an SSH public key string is the most secure. If you use one of these methods, then the plain-text version of your password will never be transferred over the Internet, protecting it from being intercepted by a man-in-the-middle attack.
Optionally, instead of configuring the root password at the [edit
system]
hierarchy level, you can use a configuration group to
strengthen security.
To set the root password:
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.