[j-nsp] best practices for cleaning the router for new deployment

Martin T m4rtntns at gmail.com
Mon Aug 22 03:40:47 EDT 2011


I executed "request system zeroize", but it wasn't as destructive as I
was hoping- for example old directories under /var/home/ were still
present, "show system commit" data was not deleted. On the other hand,
all the old configuration files(juniper.conf.[1-3].gz) were deleted
and router came up with the very default configuration. I deleted
"show system commit" information using the following technique:

root> start shell sh
# echo "" > /var/db/commits
# exit

root>

I guess the easiest option to really zero-fill the router would be to
reinstall the JUNOS using the install-media. However, this requires
physical access. In case there is only remote console access to the
router, those three steps should clear the router to the factory
default state:

1) request system zeroize
2) echo "" > /var/db/commits
3) rm -rf /var/home/*

..or will there be any personal information left after those three steps?


regards,
martin

2011/8/22 Martin T <m4rtntns at gmail.com>:
> Chris, Dale:
>
> "request system zeroize" will according to description "Erase all
> data, including configuration and log files". Are the files under user
> directories in /var/home/ deleted as well? What about users? And am I
> correct, that "request system zeroize" doesn't affect system files- I
> mean after executing the zeroize and rebooting the router, it boot's
> up nicely with the currently installed JUNOS just all the
> configuration, log and temporary files are deleted?
>
>
> regards,
> martin
>
>
> 2011/8/22 Dale Shaw <dale.shaw+j-nsp at gmail.com>:
>> Hi Martin,
>>
>> On Mon, Aug 22, 2011 at 9:45 AM, Martin T <m4rtntns at gmail.com> wrote:
>>>
>>> What are the best practices for cleaning the router in order to deploy
>>> it in some other site?
>>
>> We usually go with "request system zeroize"
>>
>> cheers,
>> Dale
>>
>


More information about the juniper-nsp mailing list