Navigation
request system zeroize media
Related Documentation
- ACX, EX, J, M, MX, PTX, T Series
- request system snapshot
- EX Series
- Reverting to the Default Factory Configuration for the EX Series Switch
- Reverting to the Rescue Configuration for the EX Series Switch
- QFX Series
- request system snapshot
- Reverting to the Default Factory Configuration
- Reverting to the Rescue Configuration
- Reverting to the Default Factory Configuration by Using the request system zeroize Command
request system zeroize
Syntax
request system zeroize<media>
Syntax
Release Information
Command introduced before Junos OS Release 9.0.
Command introduced in Junos OS Release 11.2 for EX Series switches.
Option media added in Junos OS Release 11.4 for EX Series switches.
Command introduced in Junos OS Release 12.2 for MX Series devices.
Command introduced in Junos OS Release 12.3 for the QFX Series.
Description
 | Note: The media option is not available on the QFX Series. |
Remove all configuration information on the Routing Engines and reset all key values. If the device has dual Routing Engines, the command is broadcast to all Routing Engines on the device. The command removes all data files, including customized configuration and log files, by unlinking the files from their directories. The command removes all user-created files from the system including all plain-text passwords, secrets, and private keys for SSH, local encryption, local authentication, IPsec, RADIUS, TACACS+, and SNMP.
This command reboots the device and sets it to the factory default configuration. After the reboot, you cannot access the device through the management Ethernet interface. Log in through the console as root and start the Junos OS command-line interface (CLI) by typing cli at the prompt.
To completely erase user-created data so that it is unrecoverable, use the media option.
Options
media | — | (Optional) In addition to removing all configuration and log files, the media option causes memory and the media to be scrubbed, removing all traces of any user-created files. Every storage device attached to the system is scrubbed, including disks, flash drives, removable USBs, and the like. The duration of the scrubbing process is dependent on the size of the media being erased. As a result, the request system zeroize media operation can take considerably more time than the request system zeroize operation. However, the critical security parameters are all removed at the beginning of the process. |
Required Privilege Level
maintenance
Related Documentation
- ACX, EX, J, M, MX, PTX, T Series
- request system snapshot
- EX Series
- Reverting to the Default Factory Configuration for the EX Series Switch
- Reverting to the Rescue Configuration for the EX Series Switch
- QFX Series
- request system snapshot
- Reverting to the Default Factory Configuration
- Reverting to the Rescue Configuration
- Reverting to the Default Factory Configuration by Using the request system zeroize Command
List of Sample Output
request system zeroizerequest system zeroize media
Sample Output
request system zeroize
user@host> request system zeroizewarning: System will be rebooted and may not boot without configuration Erase all data, including configuration and log files? [yes,no] (no) yes
0 1 1 0 0 0 done syncing disks... All buffers synced. Uptime: 5d19h20m26s recorded reboot as normal shutdown Rebooting... U-Boot 1.1.6 (Mar 11 2011 - 04:39:06) Board: EX4200-24T 2.11 EPLD: Version 6.0 (0x85) DRAM: Initializing (1024 MB) FLASH: 8 MB Firmware Version: --- 01.00.00 --- USB: scanning bus for devices... 2 USB Device(s) found scanning bus for storage devices... 1 Storage Device(s) found ELF file is 32 bit Consoles: U-Boot console FreeBSD/PowerPC U-Boot bootstrap loader, Revision 2.4 (user@juniper.net, Fri Mar 11 03:03:36 UTC 2011) Memory: 1024MB bootsequencing is enabled bootsuccess is set new boot device = disk0s1: Loading /boot/defaults/loader.conf /kernel data=0x915c84+0xa1260 syms=[0x4+0x7cbd0+0x4+0xb1c19] Hit [Enter] to boot immediately, or space bar for command prompt. Booting [/kernel]... Kernel entry at 0x800000e0 ... GDB: no debug ports present KDB: debugger backends: ddb KDB: current backend: ddb Copyright (c) 1996-2011, Juniper Networks, Inc. All rights reserved. Copyright (c) 1992-2006 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. JUNOS 11.1R1.8 #0: 2011-03-09 20:14:25 UTC user@juniper.net:/volume/build/junos/11.1/release/11.1R1.8/obj-powerpc/bsd/kernels/
JUNIPER-EX/kernel Timecounter "decrementer" frequency 50000000 Hz quality 0 cpu0: Freescale e500v2 core revision 2.2 cpu0: HID0 80004080 ...
request system zeroize media
user@host> request system zeroize media warning: System will be rebooted and may not boot without configuration
Erase all data, including configuration and log files? [yes,no] (no) yes
warning: ipsec-key-management subsystem not running - not needed by configuration.
warning: zeroizing fpc0
{master:0}
root> Waiting (max 60 seconds) for system process `vnlru' to stop...done
. . .
Syncing disks, vnodes remaining...2 4 2 4 3 2 1 1 0 0 0 done
syncing disks... All buffers synced.
Uptime: 14m50s
recorded reboot as normal shutdown
Rebooting...
U-Boot 1.1.6 (Apr 21 2011 - 13:58:42)
Board: EX4200-48PX 1.1
EPLD: Version 8.0 (0x82)
DRAM: Initializing (512 MB)
FLASH: 8 MB
NAND: No NAND device found!!!
0 MiB
Firmware Version: --- 01.00.00 ---
USB: scanning bus for devices... 2 USB Device(s) found
scanning bus for storage devices... 1 Storage Device(s) found
ELF file is 32 bit
Consoles: U-Boot console
FreeBSD/PowerPC U-Boot bootstrap loader, Revision 2.2
(vtseng@svl-junos-pool27.juniper.net, Fri Feb 26 17:48:51 PST 2010)
Memory: 512MB
Loading /boot/defaults/loader.conf
/kernel data=0x9abfdc+0xb06e4 syms=[0x4+0x83b30+0x4+0xbd7c6]
Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [/kernel] in 1 second... Booting [/kernel]...
Kernel entry at 0x800000e0 ...
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1996-2011, Juniper Networks, Inc.
All rights reserved.
Copyright (c) 1992-2006 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
JUNOS 11.4R1.2 #0: 2011-10-27 18:05:39 UTC
user@juniper.net:/volume/build/junos/11.4/release/11.4R1.2/obj-powerpc/
bsd/kernels/JUNIPER-EX/kernel
can't re-use a leaf (all_slot_serialid)!
Timecounter "decrementer" frequency 50000000 Hz quality 0
cpu0: Freescale e500v2 core revision 2.2
cpu0: HID0 80004080<EMCP,TBEN,EN_MAS7_UPDATE>
real memory = 511705088 (488 MB)
avail memory = 500260864 (477 MB)
ETHERNET SOCKET BRIDGE initialising
Initializing EXSERIES platform properties ...
. . .
Automatic reboot in progress...
Media check on da0 on ex platforms
** /dev/da0s2a
FILE SYSTEM CLEAN; SKIPPING CHECKS
clean, 20055 free (31 frags, 2503 blocks, 0.0% fragmentation)
zeroizing /dev/da0s1a ...
. . .
zeroizing /dev/da0s3d ...
. . .
zeroizing /dev/da0s3e ...
. . .
zeroizing /dev/da0s4d ...
. . .
zeroizing /dev/da0s4e ...
. . .
syncing disks... All buffers synced.
Uptime: 3m40s
Rebooting...
U-Boot 1.1.6 (Apr 21 2011 - 13:58:42)
Board: EX4200-48PX 1.1
EPLD: Version 8.0 (0x82)
DRAM: Initializing (512 MB)
FLASH: 8 MB
NAND: No NAND device found!!!
0 MiB
Firmware Version: --- 01.00.00 ---
USB: scanning bus for devices... 2 USB Device(s) found
scanning bus for storage devices... 1 Storage Device(s) found
ELF file is 32 bit
Consoles: U-Boot console
FreeBSD/PowerPC U-Boot bootstrap loader, Revision 2.2
(vtseng@svl-junos-pool27.juniper.net, Fri Feb 26 17:48:51 PST 2010)
Memory: 512MB
Loading /boot/defaults/loader.conf
/kernel data=0x9abfdc+0xb06e4 syms=[0x4+0x83b30+0x4+0xbd7c6]
Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [/kernel] in 1 second... Booting [/kernel]...
Kernel entry at 0x800000e0 ...
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1996-2011, Juniper Networks, Inc.
All rights reserved.
Copyright (c) 1992-2006 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
JUNOS 11.4R1.2 #0: 2011-10-27 18:05:39 UTC
user@juniper.net:/volume/build/junos/11.4/release/11.4R1.2/obj-powerpc/
bsd/kernels/JUNIPER-EX/kernel
can't re-use a leaf (all_slot_serialid)!
Timecounter "decrementer" frequency 50000000 Hz quality 0
cpu0: Freescale e500v2 core revision 2.2
cpu0: HID0 80004080 <EMCP,TBEN,EN_MAS7_UPDATE>
real memory = 511705088 (488 MB)
avail memory = 500260864 (477 MB)
ETHERNET SOCKET BRIDGE initialising
Initializing EXSERIES platform properties ...
. . .
Automatic reboot in progress...
Media check on da0 on ex platforms
** /dev/da0s1a
FILE SYSTEM CLEAN; SKIPPING CHECKS
clean, 20064 free (48 frags, 2502 blocks, 0.1% fragmentation)
zeroizing /dev/da0s2a ...
. . .
Creating initial configuration...mgd: error: Cannot open configuration file: /config/juniper.conf
mgd: warning: activating factory configuration
mgd: commit complete
mgd: ----------------------------------------------------------
mgd: Please login as 'root'. No password is required.
mgd: To start Initial Setup, type 'ezsetup' at the JUNOS prompt.
mgd: To start JUNOS CLI, type 'cli' at the JUNOS prompt.
mgd: ----------------------------------------------------------
Setting initial options: debugger_on_panic=NO debugger_on_break=NO.
Starting optional daemons: .
Doing initial network setup:
. . .
Amnesiac (ttyu0)
Published: 2013-08-15
Related Documentation
- ACX, EX, J, M, MX, PTX, T Series
- request system snapshot
- EX Series
- Reverting to the Default Factory Configuration for the EX Series Switch
- Reverting to the Rescue Configuration for the EX Series Switch
- QFX Series
- request system snapshot
- Reverting to the Default Factory Configuration
- Reverting to the Rescue Configuration
- Reverting to the Default Factory Configuration by Using the request system zeroize Command
