request system filesystem encryption enable
Syntax
request system filesystem encryption enable <dry-run | re0 | re1>
Prerequisites
Following are the prerequisites to enable file-system encryption:
-
System contains a TPM2.0 with IDevID provisioned.
-
System having single or redundant disk are supported.
-
Take data backup of configurations and log files.
Description
When you enable encryption process on the file-system, the conversion process starts with the backup routing engine followed by the active Routing Engine. In the case of redundant disks, the conversion starts with the primary disk followed by the secondary disk to avoid loss of data.
Once enabled, the encryption cannot be disabled and all the software image versions that does not support file-system encryption are deleted.
Options
| none |
Enable file-system encryption on all Routing Engines. |
||||||||||
| dry-run |
(Optional) Display the file-system encryption message without running the encryption process. |
||||||||||
| re0 |
(Optional) Enable file-system encryption on RE0. |
||||||||||
| re1 |
(Optional) Enable file-system encryption on RE1. |
||||||||||
| routing-engine |
(Optional) Enable file-system encryption on the specified Routing Engine. Use one of the following options to specify the Routing Engine:
|
Required Privilege Level
maintenance
Sample Output
- request system filesystem encryption enable (Junos OS)
- request system filesystem encryption enable (Junos OS Evolved)
request system filesystem encryption enable (Junos OS)
user@host> request system filesystem encryption enable
Please check the message on enabling filesystem encryption enable using the dry-run option. i.e. request system filesystem encrypton enable dry-run Do you want to proceed ? [yes,no] (no) yes Enable filesystem encryption ? [yes,no] (no) yes A vmhost reboot is required to start filesystem encryption.
During the conversion process, the vmhost reboot using request vmhost
reboot is required to start file-system encryption and to reflect the
changes.
request system filesystem encryption enable (Junos OS Evolved)
user@host> request system filesystem encryption enable
Please check the message on enabling filesystem encryption enable using the dry-run option. i.e. 'request system filesystem encrypton enable dry-run' Do you want to proceed ? [yes,no] (no) yes ------------------------------- node: re0 ------------------------------- Removing version junos-evo-install-ptx-x86-64-23.4R2.14-EVO... Removing external packages for junos-evo-install-ptx-x86-64-23.4R2.14-EVO... Done. Done. A reboot is required to start the encryption. Issue 'request system reboot' command when ready.
Release Information
Command introduced in Junos OS Release 22.3R1.