234The system automatically uses the startup configuration file to reboot the device and enter FIPSmode. You can only use the configured username and password to log in to the FIPS device. Afterlogin, you are assigned a user role of crypto officer.Manual rebootTo use manual reboot to enter FIPS mode:1. Enable the password control function globally.2. Set the number of character types a password must contain to 4 and set the minimum number ofcharacters for each type to one character.3. Set the minimum length of user passwords to 15 characters.4. Add a local user account for device management, including the following items:{ A user name.{ A password that complies with the password control policies as described in step 2 and step 3.{ A user role of network-admin.{ A service type of terminal.5. Delete the FIPS-incompatible local user service types Telnet and FTP.6. Enable FIPS mode.7. Select the manual reboot method.8. Save the configuration file and specify it as the startup configuration file.9. Delete the startup configuration file in binary format (an .mdb file).10. Reboot the device.The system enters FIPS mode. You can use the configured username and password to log in to thedevice in FIPS mode.To enable FIPS mode, complete the following tasks:• If you choose the manual reboot method, accomplish the required configurations, includingconfiguring password control and a local user. For more information, see "Manual reboot."• If you choose the automatic reboot method and saving the current configuration is required, executethe save command before you enable FIPS mode.To enable FIPS mode:Step Command Remarks1. Enter system view. system-view N/A2. Enable FIPS mode. fips mode enable By default, the FIPS mode isdisabled.Configuration changes in FIPS modeWhen the system enters in FIPS mode, the following system changes occur:• The user login authentication mode can only be scheme.• The FTP/TFTP server and client are disabled.• The Telnet server and client are disabled.• SNMPv1 and SNMPv2c are disabled. Only SNMPv3 is available.