Securing the console port – Juniper Networks J-Series User Manual

12.

At the following prompt, enter

recovery

to start the root password recovery

procedure.

Enter full pathname of shell or 'recovery' for root password recovery or
RETURN for /bin/sh: recovery

13.

Enter configuration mode in the CLI.

14.

Set the root password. For example:

user@host# set system root-authentication plain-text-password

For more information about configuring the root password, see the JUNOS System
Basics Configuration Guide.

15.

At the following prompt, enter the new root password. For example:

New password: juniper1

Retype new password:

16.

At the second prompt, reenter the new root password.

17.

If you are finished configuring the network, commit the configuration.

root@host# commit

commit complete

18.

Exit configuration mode in the CLI.

19.

Exit operational mode in the CLI.

20.

At the prompt, enter

y

to reboot the router.

Reboot the system? [y/n] y

Securing the Console Port

You can use the console port on the Services Router to connect to the Routing Engine
through an RJ-45 serial cable. From the console port, you can use the CLI to configure
the router. By default, the console port is enabled. To secure the console port, you
can configure the Services Router to do the following:

■

Log out the console session when you unplug the serial cable connected to the
console port.

■

Disable root login connections to the console.

■

Disable the console port. We recommend disabling the console port to prevent
unauthorized access to the Services Router, especially when the router is used
as customer premises equipment (CPE).

Securing the Console Port

■

23

Chapter 1: Managing User Authentication and Access