Supported Platforms
Related Documentation
- ACX, EX, M, MX, PTX, SRX, T Series
- Configuring Checksum Hashes for an Op Script
- ACX, EX, M, MX, QFX, SRX, T Series
- no-allow-url
- EX, J, M, MX, PTX, QFX, SRX, T Series
- file checksum md5 command in the System Basics and Services Command Reference
- file checksum sha-256 command in the System Basics and Services Command Reference
- file checksum sha1 command in the System Basics and Services Command Reference
- EX, J, M, MX, PTX, T Series
- op command in the System Basics and Services Command Reference
Executing an Op Script from a Remote Site
As an alternative to storing operation (op) scripts locally on the device, you can store op scripts at a remote site. This allows you to execute the scripts by specifying a URL on the command line.
To execute an op script from a remote site:
- Create the script.
- (Optional) Store the script temporarily in the
/var/tmpdirectory on the device, and run the script through one or more hash functions to calculate hash values.Junos OS supports MD5, SHA-1, and SHA-256 hash functions.
user@host> file checksum md5 /var/tmp/script1.slaxMD5 (/var/tmp/script1.slax) = 3af7884eb56e2d4489c2e49b26a39a97
user@host> file checksum sha1 /var/tmp/script1.slaxSHA1 (/var/tmp/script1.slax) = 00dc690fb08fb049577d012486c9a6dad34212c0
user@host> file checksum sha-256 /var/tmp/script1.slaxSHA256 (/var/tmp/script1.slax) = 150bf53383769f3bfedd41fe73320777f208d4fda81230cb27b8738
- Place the script on the remote server.
- Provide the script URL and the optional hash values to the administrators who will execute the script.
- Execute the script by running the op command
and specifying the URL that points to the remote file.user@host> op url https://www.juniper.net/scripts/2009-04-01.01.slax
key md5 3af7884eb56e2d4489c2e49b26a39a97This example shows how to include the <key> option and the MD5 checksum information.
 | Note: If the op script is stored locally, do not include the hash key on the command line. Instead, configure the hash value by including the checksum statement at the [edit system scripts op file filename] hierarchy level. During the execution of the script, Junos OS recalculates the checksum value using the configured hash and verifies that the calculated value matches the configured value. |
To prevent the execution of op scripts from remote sites, configure the no-allow-url statement at the [edit system scripts op] hierarchy level.
When you configure the no-allow-url statement, issuing the op url url operational mode command generates an error.
Related Documentation
- ACX, EX, M, MX, PTX, SRX, T Series
- Configuring Checksum Hashes for an Op Script
- ACX, EX, M, MX, QFX, SRX, T Series
- no-allow-url
- EX, J, M, MX, PTX, QFX, SRX, T Series
- file checksum md5 command in the System Basics and Services Command Reference
- file checksum sha-256 command in the System Basics and Services Command Reference
- file checksum sha1 command in the System Basics and Services Command Reference
- EX, J, M, MX, PTX, T Series
- op command in the System Basics and Services Command Reference
Published: 2013-03-05
Supported Platforms
Related Documentation
- ACX, EX, M, MX, PTX, SRX, T Series
- Configuring Checksum Hashes for an Op Script
- ACX, EX, M, MX, QFX, SRX, T Series
- no-allow-url
- EX, J, M, MX, PTX, QFX, SRX, T Series
- file checksum md5 command in the System Basics and Services Command Reference
- file checksum sha-256 command in the System Basics and Services Command Reference
- file checksum sha1 command in the System Basics and Services Command Reference
- EX, J, M, MX, PTX, T Series
- op command in the System Basics and Services Command Reference
