request system zeroize (Junos OS)
Syntax
request system zeroize <media> <local>
Description
Use this command to remove all configuration information on the Routing Engines and reset all key values on the device where you run the command.
-
If the device has dual Routing Engines, the command is broadcast to all Routing Engines on the device. As a result, both Routing Engines are zeroized.
-
In a Virtual Chassis or Virtual Chassis Fabric (VCF) composed of EX Series switches (except EX8200 Virtual Chassis) or QFX Series switches, this command operates only on the member switch where you run the command, even if that switch is in the primary Routing Engine role. The command is not forwarded to the backup Routing Engine member or to member switches in the line-card role. To apply this command to more than one member of an EX Series or QFX Series Virtual Chassis or VCF, we recommend you remove and disconnect each of those members from the Virtual Chassis or VCF, and then run the command on each isolated switch individually.
This command removes all data files, including customized configuration and log files, by unlinking the files from their directories. The command removes all user-created files from the system, including all plain-text passwords, secrets, and private keys for SSH, local encryption, local authentication, IPsec, RADIUS, TACACS+, and SNMP.
This command reboots the device and sets it to the factory default configuration.
After the reboot, you cannot access the device through the management Ethernet
interface. Log in through the console as root and start the Junos
OS CLI by typing cli at the prompt.
If the configuration contains the commit synchronize statement at
the [edit system] hierarchy level, and you issue a
commit in the primary Routing Engine, the primary configuration
is automatically synchronized with the backup. If the backup Routing Engine is down
when you issue the commit, the Junos OS displays a warning and
commits the candidate configuration in the primary Routing Engine. When the backup
Routing Engine comes up, its configuration will automatically be synchronized with
the primary. A newly inserted backup Routing Engine or a Routing Engine that comes
up after running the request system zeroize command also
automatically synchronizes its configuration with the primary Routing Engine
configuration.
Starting with Junos OS Release 15.1F3, the request system zeroize
command removes all configuration information on the guest OS for the PTX5000 router
with RE-DUO-C2600-16G, and MX240, MX480, and MX960 with RE-S-1800X4-32G-S.
Starting with Junos OS Release 15.1F5, the request system zeroize
command removes all configuration information on the guest OS for the MX2010 and
MX2020 with REMX2K-1800-32G-S.
On these routers, in order to remove all configuration information on both guest OS
and host OS, use the request vmhost zeroize command.
To completely erase user-created data so that it is unrecoverable, use the
media option.
Options
| media |
(Optional) In addition to removing all configuration and log files,
causes memory and the media to be scrubbed, removing all traces of any
user-created files. Every storage device attached to the system is
scrubbed, including disks, flash drives, removable USBs, and so on. The
duration of the scrubbing process is dependent on the size of the media
being erased. As a result, the On QFX Series platforms running Junos OS Release 14.1X53 or earlier, the
|
| local |
(Optional) Remove all the configuration information and restore all the key values on the active Routing Engine. CAUTION: The Specifying this option has no effect on switches in a Virtual Chassis or
VCF composed of EX Series switches (except EX8200 Virtual Chassis) or
QFX switches, because in these configurations, the |
Required Privilege Level
maintenance
Sample Output
request system zeroize
user@host> request system zeroize
warning: System will be rebooted and may not boot without configuration
Erase all data, including configuration and log files?. In case of Dual RE system, both Routing Engines will be zeroized [yes,no] (no) yes
0 1 1 0 0 0 done
syncing disks... All buffers synced.
Uptime: 5d19h20m26s
recorded reboot as normal shutdown
Rebooting...
U-Boot 1.1.6 (Mar 11 2011 - 04:39:06)
Board: EX4200-24T 2.11
EPLD: Version 6.0 (0x85)
DRAM: Initializing (1024 MB)
FLASH: 8 MB
Firmware Version: --- 01.00.00 ---
USB: scanning bus for devices... 2 USB Device(s) found
scanning bus for storage devices... 1 Storage Device(s) found
ELF file is 32 bit
Consoles: U-Boot console
FreeBSD/PowerPC U-Boot bootstrap loader, Revision 2.4
(user@device.example.net, Fri Mar 11 03:03:36 UTC 2011)
Memory: 1024MB
bootsequencing is enabled
bootsuccess is set
new boot device = disk0s1:
Loading /boot/defaults/loader.conf
/kernel data=0x915c84+0xa1260 syms=[0x4+0x7cbd0+0x4+0xb1c19]
Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [/kernel]...
Kernel entry at 0x800000e0 ...
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1996-2011, Juniper Networks, Inc.
All rights reserved.
Copyright (c) 1992-2006 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
JUNOS 11.1R1.8 #0: 2011-03-09 20:14:25 UTC
user@device.example.net:/volume/build/junos/11.1/release/11.1R1.8/obj-powerpc/bsd/kernels/
JUNIPER-EX/kernel
Timecounter "decrementer" frequency 50000000 Hz quality 0
cpu0: Freescale e500v2 core revision 2.2
cpu0: HID0 80004080
...
Release Information
Command introduced before Junos OS Release 9.0.
Option media added in Junos OS Release 11.4 for EX Series
switches.
Option local added in Junos OS Release 14.1.