Depends on how paranoid you are... this is probably overdoing it. Start shell (boot in single user if you can by interrupting boot sequence and typing boot -s at loader> prompt, and using 'recovery' shell... still possible remotely if you have terminal server)
# Identify the /config partition: # df -h Filesystem Size Used Avail Capacity Mounted on . . . . . /dev/da0s3e 55M 4.0K 51M 0% /config . . . . . # Choose /dev/da0s3e in this case. # Force unmount the partition: umount -f /dev/da03se for a in 1 2 3 4 5 6 7 8 9; do echo -n "Wipe $a:"; dd if=/dev/zero of=/dev/da0s3e done # Write super block to partition so that it can be remounted newfs /dev/da0s3e # #### Clear logs cd /var/log for a in *; do (cd $a 2>/dev/null && cd ..) && (echo "not a dir: $a") || (rm -f $a; echo ' ' > $a; echo "Cleared $a"); done for a in */*; do rm -f $a; echo ' ' > $a; done for a in 0 1 2 3 4 5 6 7 8 9; do echo "Wipe $a"; dd if=/dev/zero of=garbage rm -f garbage sync; sync done # Mount and create some required directories mount /dev/da0s3e mkdir /config/db mkdir /config/db/config mkdir /config/db/commits # Reboot and let device load default configs. # While booting, you should see: Creating initial configuration...mgd: error: Cannot open configuration file: /config/juniper.conf mgd: warning: activating factory configuration # The device will also need to create new key pairs since we blew them away. # The root password will now be empty. # Fix that: cli set system root-authentication plaintext-password commit and-quit request system halt # Fin. Nothing magical... I may have forgotten something. Oh yeah, this takes a while. Chris >>> Andrew Cheng <[email protected]> 07/07/09 1:53 AM >>> Hi There I have to sanitise a large number of routers (ie, remove all configs, logs.. everything), and was wondering if there was a magic way of doing it remotely? There is the tedious way of going through and deleteing /var/log, all configs.. etc etc, but surely there must be a better way? Thanks, Andrew _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
