Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
Do master keys automatically get renewed? - Knowledge Base - Palo Alto Networks

Do master keys automatically get renewed?

23098
Created On 02/04/19 23:03 PM - Last Modified 03/22/19 20:29 PM


Question


The master key encrypts all passwords and private keys on the firewall or Panorama (such as the RSA key for authenticating administrators who access the CLI). Encrypting passwords and keys improves security by ensuring their plaintext values are not exposed anywhere on the firewall or Panorama

Environment


  • Panorama
  • Firewall
  • PAN-OS 9.0
  • Master key


Answer


Starting in 9.0, master-keys can automatically be renewed with the same master key
Auto renew master key
  • Enable to automatically renew the master key for a specified number of days and hours
  • Disable (clear) to allow the master key to expire after the configured key life time


Additional Information


Refer to the 9.0 PAN-OS® New Features Guide for more information 
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features.html


Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmjsCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language