Re: [j-nsp] best practices for cleaning the router for new deployment
I executed request system zeroize, but it wasn't as destructive as I was hoping- for example old directories under /var/home/ were still present, show system commit data was not deleted. On the other hand, all the old configuration files(juniper.conf.[1-3].gz) were deleted and router came up with the very default configuration. I deleted show system commit information using the following technique: root start shell sh # echo /var/db/commits # exit root I guess the easiest option to really zero-fill the router would be to reinstall the JUNOS using the install-media. However, this requires physical access. In case there is only remote console access to the router, those three steps should clear the router to the factory default state: 1) request system zeroize 2) echo /var/db/commits 3) rm -rf /var/home/* ..or will there be any personal information left after those three steps? regards, martin 2011/8/22 Martin T m4rtn...@gmail.com: Chris, Dale: request system zeroize will according to description Erase all data, including configuration and log files. Are the files under user directories in /var/home/ deleted as well? What about users? And am I correct, that request system zeroize doesn't affect system files- I mean after executing the zeroize and rebooting the router, it boot's up nicely with the currently installed JUNOS just all the configuration, log and temporary files are deleted? regards, martin 2011/8/22 Dale Shaw dale.shaw+j-...@gmail.com: Hi Martin, On Mon, Aug 22, 2011 at 9:45 AM, Martin T m4rtn...@gmail.com wrote: What are the best practices for cleaning the router in order to deploy it in some other site? We usually go with request system zeroize cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] best practices for cleaning the router for new deployment
Martin T writes: ..or will there be any personal information left after those three steps? /var/etc/ has the *- files from the previous commit /var/run/db/ may have old binary config databases /var/tmp/ may have random bits (.scp files, core files, etc) /var/log/ may have old log files and accounting profile data /var/db/scripts/ may have old scripts /root/.ssh/ may have old keys /config/ may have old config files /var/db/config may have old config files zeroise may cover one or more of these, but I'm just listing directories off the top of my head. Be aware that even a reinstall will carry over some /var/db/ files (like scripts). Thanks, Phil ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] best practices for cleaning the router for new deployment
I think request system zeroize is what you're looking for. - Chris. On 2011-08-22, at 9:45 AM, Martin T wrote: What are the best practices for cleaning the router in order to deploy it in some other site? I did set system root-authentication plain-text-password in order to have some sort of temporary root password. Then I set configuration file to defaults using the load factory-default. After this I did request system storage cleanup in order to delete all the log files and temporary files. How to clear show system commit output? Any additional suggestions for cleaning the router? regards, martin ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] best practices for cleaning the router for new deployment
Hi Martin, On Mon, Aug 22, 2011 at 9:45 AM, Martin T m4rtn...@gmail.com wrote: What are the best practices for cleaning the router in order to deploy it in some other site? We usually go with request system zeroize cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] best practices for cleaning the router for new deployment
Chris, Dale: request system zeroize will according to description Erase all data, including configuration and log files. Are the files under user directories in /var/home/ deleted as well? What about users? And am I correct, that request system zeroize doesn't affect system files- I mean after executing the zeroize and rebooting the router, it boot's up nicely with the currently installed JUNOS just all the configuration, log and temporary files are deleted? regards, martin 2011/8/22 Dale Shaw dale.shaw+j-...@gmail.com: Hi Martin, On Mon, Aug 22, 2011 at 9:45 AM, Martin T m4rtn...@gmail.com wrote: What are the best practices for cleaning the router in order to deploy it in some other site? We usually go with request system zeroize cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
