Junos
Highlighted
Junos

Disable Password recovery

‎03-24-2009 02:13 AM

Hi,

 

I've done a couple of searches and come up with nothing. When I did a M&T Series course a few months back, I recall there being a way to stop the password recovery proceedure. I'd like to enable this on a router that currently sits on a J series (no flash card) that sits at public POP's or telecom exchanges. I'd prefer the system be hard reset and loose the config than people actually doing a password recovery they having full access to the edge network.

 

Anyone know what this command was, I know it exists just can't remember it, find it in my books or my notes.

 

Thanks

 

4 REPLIES 4
Highlighted
Junos

Re: Disable Password recovery

‎03-25-2009 11:54 AM
I wouldn't know but my (more or less educated) guess is that you need a fips version for this.
best regards,

Screenie.
Juniper Ambassador, Instructor,JNCIP
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Highlighted
Junos

Re: Disable Password recovery

‎03-25-2009 12:59 PM
Yes there is a way - in etc/loader.conf change the value of the autoboot delay option to zero - this will prevent the break in for reset.
Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Highlighted
Junos

Re: Disable Password recovery

‎12-11-2018 11:43 AM

Thank you for the information

Highlighted
Junos

Re: Disable Password recovery

‎12-11-2018 12:59 PM

I think the j-series also support the unattended boot mode:

 

https://www.juniper.net/documentation/en_US/junos/topics/concept/unattended-boot-mode-understanding....

 

This will block access to booting in singleuser/receovery mode and that way read the configuration.


--
Best regards,

Jonas Hauge Klingenberg
Juniper Ambassador & Technology Architect, SEC DATACOM A/S (Denmark)
Feedback