Setting a Default Configuration File for the Startup with Base Configuration

After devices are upgraded to the current version and start with base configuration, engineers need to perform onsite configuration, which is inconvenient for O&M. To implement plug-and-play upon the restart of an unconfigured device, specify a default configuration file for the device. For details, see Specifying the Configuration File to Be Loaded at the Next Startup. Note that the default configuration file must contain configurations required by the plug-and-play function. When the unconfigured device starts the next time, it uses the default configuration file for configuration restoration. The default-custom.defcfg file is the default configuration file provided by the device and is used only when the device goes online for the first time. You can modify the file as required. The details are as follows:

• Router mode

  #
  aaa
   local-user root password irreversible-cipher $1c$]f(3Q<j7uS$!0!)8@e`\+lj]vQx\2l&y-$M(|\n_ERFU_BF$!6X$
   local-user root service-type ssh
   local-user root user-group manage-ug
   local-user root expire 2000-01-01
   local-user root init-password
   user-password password-force-change disable
  #
  snmp-agent protocol source all-interface
  #
  stelnet server enable
  snetconf server enable
  ssh user root
  ssh user root authentication-type password
  ssh user root service-type stelnet snetconf
  ssh server-source all-interface
  ssh ipv6 server-source all-interface
  #
  ssh server key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521
  #
  ssh server publickey ecc rsa rsa_sha2_256 rsa_sha2_512
  #
  ssh client key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521
  #
  ssh client publickey ecc rsa rsa_sha2_256 rsa_sha2_512
  #
  return

• PTN mode

  #
  aaa
   local-user root password irreversible-cipher $1c$]f(3Q<j7uS$!0!)8@e`\+lj]vQx\2l&y-$M(|\n_ERFU_BF$!6X$
   local-user root service-type ssh mml
   local-user root user-group manage-ug
   local-user root expire 2000-01-01
   local-user root init-password
   user-password password-force-change disable
  #
  snmp-agent protocol source all-interface
  #
  stelnet server enable
  snetconf server enable
  ssh user root
  ssh user root authentication-type password
  ssh user root service-type stelnet snetconf
  ssh server-source all-interface
  ssh ipv6 server-source all-interface
  #
  ssh server key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521
  #
  ssh server publickey ecc rsa rsa_sha2_256 rsa_sha2_512
  #
  ssh client key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521
  #
  ssh client publickey ecc rsa rsa_sha2_256 rsa_sha2_512
  #
  undo dcn security-mode enable
  #
  undo dtls policy qx_dtls_client
  #
  return

The password in the file can be set to a user-defined cleartext. To improve security, it is recommended that the password contain at least two types of the following characters: uppercase letters, lowercase letters, digits, and special characters.