Exiting FIPS mode through manual reboot
Network requirements
A user has logged in to the device in FIPS mode through SSH with a username of test and a password of 12345zxcvb!@#$%ZXCVB.
Use the manual reboot method to exit FIPS mode.
Configuration procedure
# Disable FIPS mode.
[Sysname] undo fips mode enable FIPS mode change requires a device reboot. Continue? [Y/N]:y The system will create a new startup configuration file for non-FIPS mode, and then reboot automatically. Continue? [Y/N]:n Change the configuration to meet non-FIPS mode requirements, save the configuration to the next-startup configuration file, and then reboot to enter non-FIPS mode.
# Set the authentication mode for VTY lines to scheme.
[Sysname] line vty 0 63 [Sysname-line-vty0-63] authentication-mode scheme
# Save the current configuration to the root directory of the storage medium, and specify it as the startup configuration file.
[Sysname] save The current configuration will be written to the device. Are you sure? [Y/N]:y Please input the file name(*.cfg)[flash:/startup.cfg] (To leave the existing filename unchanged, press the enter key): flash:/startup.cfg exists, overwrite? [Y/N]:y Validating file. Please wait... Saved the current configuration to mainboard device successfully. [Sysname] quit
# Delete the startup configuration file in binary format.
<Sysname> delete flash:/startup.mdb Delete flash:/startup.mdb?[Y/N]:y Deleting file flash:/startup.mdb...Done.
# Reboot the device.
<Sysname> reboot
Verifying the configuration
After the device reboots, enter a username of test and a password of 12345zxcvb!@#$%ZXCVB to enter non-FIPS mode.
Press ENTER to get started. login: test Password: Last successfully login time:… … <Sysname>
# Display the current FIPS mode state.
<Sysname> display fips status FIPS mode is disabled.