Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Supported System Access Standards

Junos OS substantially supports the following protocols and applications for remote access to devices: telnet, FTP, rlogin, and finger.

Junos OS substantially supports RFC 1994, PPP Challenge Handshake Authentication Protocol (CHAP).

For jurisdictions without limits on dataplane encryption, that version of Junos OS substantially supports the following RFCs, which define standards for technologies used with Secure Sockets Layer (SSL).

  • RFC 1319, The MD2 Message-Digest Algorithm

  • RFC 1321, The MD5 Message-Digest Algorithm

  • RFC 2246, The TLS Protocol Version 1.0

  • RFC 3280, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

Junos OS substantially supports the following RFCs and standards that apply to the SSH protocol. These are used for control plane administration on devices running Junos OS either directly using the CLI or in conjunction with NETCONF:

  • RFC 4250, The Secure Shell (SSH) Protocol Assigned Numbers

    You can find the assigned SSH numbers at https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml.

  • RFC 4251, The Secure Shell (SSH) Protocol Architecture

  • RFC 4252, The Secure Shell (SSH) Authentication Protocol

  • RFC 4253, The Secure Shell (SSH) Transport Layer Protocol

  • RFC 4254, The Secure Shell (SSH) Connection Protocol

  • RFC 4256, Generic Message Exchange Authentication for the Secure Shell Protocol (SSH)

    Also known as “keyboard-interactive” authentication.

  • RFC 4335, The Secure Shell (SSH) Session Channel Break Extension

  • RFC 4344, The Secure Shell (SSH) Transport Layer Encryption Modes

    The following encryption methods are supported:

    • aes128-ctr

    • aes192-ctr

    • aes256-ctr

  • RFC 4419, Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol

  • RFC 4432, RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol

  • RFC 4819, Secure Shell Public Key Subsystem

    Junos OS supports SSH file transfer protocol (SFTP).

  • RFC 5656, Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer

    The following Elliptic Curves are supported:

    • nistp256

    • nistp384

    • nistp521

    The following public keys are supported:

    • ecdsa-sha2-nistp256

    • ecdsa-sha2-nistp384

    • ecdsa-sha2-nistp521

  • RFC 6668, SHA-2 Data Integrity Verification for the Secure Shell (SSH) Transport Layer Protocol

    The hmac-sha2-256 and hmac-sha2-512 integrity algorithms are supported.

  • RFC 8270, Increase the Secure Shell Minimum Recommended Diffie-Hellman Modulus Size to 2048 Bits

  • OpenSSH per the openssh-portable/PROTOCOL.

    For more information about OpenSSH, see https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.

The following RFCs provide information about TFTP, which Junos OS supports as a remote access protocol. The IETF does not include the RFCs in its Standards track, instead assigning them status “Unknown (Legacy Stream.)”

  • RFC 783, THE TFTP PROTOCOL (REVISION 2)

  • RFC 906, Bootstrap Loading using TFTP

The following RFCs provide information about Transport Layer Security (TLS) protocol, which Junos OS supports to enable client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.

  • RFC 4346, The Transport Layer Security (TLS) Protocol Version 1.1

  • RFC 5346, The Transport Layer Security (TLS) Protocol Version 1.2

  • RFC 8446, The Transport Layer Security (TLS) Protocol Version 1.3

Related Documentation