A critical element of ensuring high availability for your JUNOS device involves protecting and hardening it from outside attacks. The following are issues to consider.
It is amazing how many networking devices in production networks have weak passwords or, worse yet, still have default passwords in place! Ensuring that your devices use strong passwords is one of the simplest steps you can take to harden the device. Every company has its own standard for what constitutes a “strong” password, but a good guideline is to use at least eight characters, and a mix of upper- and lowercase letters, numbers, and symbols.
JUNOS devices require that passwords be at least six characters long and contain at least one change of case or character class (i.e., numbers or symbols).
There are a variety of ways to enter passwords for user accounts
on JUNOS devices. The following example shows the password options for
an account called
[edit system login] lab@r1#
set user testuser authentication ?Possible completions: + apply-groups Groups from which to inherit configuration data + apply-groups-except Don't inherit configuration data from these groups encrypted-password Encrypted password string load-key-file File (URL) containing one or more ssh keys plain-text-password Prompt for plain text password (autoencrypted) > ssh-dsa Secure shell (ssh) DSA public key string > ssh-rsa Secure shell (ssh) RSA public key string
As you can see, ...