Supported Platforms
Related Documentation
- ACX, M, MX, PTX, QFX, T Series
- Example: Configuring the Root Password
- Example: Configuring a Plain-Text Password for Root Logins
- ACX, M, MX, QFX, T Series
- Example: Configuring SSH Authentication for Root Logins
- QFX Series
- Recovering the Root Password
Configuring the Root Password
Junos OS is preinstalled on the router or switch. When the router or switch is powered on, it is ready to be configured. Initially, you log in as the user “root” with no password.
 | Note: If you configure a blank password using the encrypted-password statement at the [edit system root-authentication] hierarchy level for root authentication, you can commit a configuration, but you are not able to log in as superuser and gain root level access to the router or switch. |
After you log in, you should configure the root (superuser) password by including the root-authentication statement at the [edit system] hierarchy level:
If you configure the plain-text-password option, you are prompted to enter and confirm the password:
To load an SSH key file, enter the load-key-file statement. This statement loads RSA (SSH version 1 and SSH version 2) and DSA (SSH version 2) public keys.
You can also configure SSH RSA keys and SSH DSA keys to authenticate root logins. You can configure more than one public RSA or DSA key for SSH authentication of root logins as well as for user accounts. When a user logs in as root, the public keys are referenced to determine whether the private key matches any of them.
If you load the SSH keys file, the contents of the file are copied into the configuration immediately after you enter the load-key-file statement. To view the SSH keys entries, use the configuration mode show command. For example:
20740496252839038203869014158453496417001961060835872296
15634757491827360336127644187426594689320773910834481012
68312595772262546166799927831612350043866091586628382248
97467326056611921489539813965561563786211940327687806538
16960202749164163735913269396344008443 boojum@juniper.net"; #
SECRET-DATA}
Junos-FIPS software has special password requirements. FIPS passwords must be between 10 and 20 characters in length. Passwords must use at least three of the five defined character sets (uppercase letters, lowercase letters, digits, punctuation marks, and other special characters). If Junos-FIPS is installed on the router or switch, you cannot configure passwords unless they meet this standard. If you use the encrypted-password option, then a null-password (empty) is not permitted.
You cannot configure a blank password for encrypted-password using blank quotation marks (" "). You must configure a password whose number of characters range from 1 through 128 characters and enclose the password in quotation marks.
Related Documentation
- ACX, M, MX, PTX, QFX, T Series
- Example: Configuring the Root Password
- Example: Configuring a Plain-Text Password for Root Logins
- ACX, M, MX, QFX, T Series
- Example: Configuring SSH Authentication for Root Logins
- QFX Series
- Recovering the Root Password
Published: 2013-08-15
Supported Platforms
Related Documentation
- ACX, M, MX, PTX, QFX, T Series
- Example: Configuring the Root Password
- Example: Configuring a Plain-Text Password for Root Logins
- ACX, M, MX, QFX, T Series
- Example: Configuring SSH Authentication for Root Logins
- QFX Series
- Recovering the Root Password
