Clear your switches properly! Failed “system archival” transfers are kept on the device even after running a zeroize.

Just a very quick one here as I recently came across some unknown configs in our archival backup server after configuring some refurbished switches for “system archival” and committing.

I found config backup files had been transferred which belonged to the previous owner!

The switches were zeroized prior to provisioning them on our network.

When using the system archival feature in Juniper and the transfer fails, the config is left in /var/transfer/config, files in here remain even after a “request system zeroize”. Once the switch is configured for system archival again then all files in that directory are pushed to the configured destination.

So, before selling or discarding any Juniper equipment, remember to check /var/transfer/config if System Archival has ever been used within your configuration.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.