Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Verifying Security Signatures


The vMX image is securely signed, so you can verify the signature for the image.

To verify the signature:

  1. Download the public key certificate and the software image from the Juniper Networks Download Software page.
  2. Import the public key into a temporary GPG key ring.
    mkdir temp
    cd temp
    gpg --homedir . --import certificate-file

    For example:

    gpg --homedir . --import Juniper_vMX_public_key_2015.asc

    The hexadecimal key value and name vary with each key. The hexadecimal value is an easy way to confirm that the key is authentic.

  3. Verify the validity of the signature.
    gpg --homedir . --verify signature-file file-to-be-signed

    For example:

    gpg --homedir . --verify vmx-14.1R5.4-1.tgz.sig jinstall-vmx-14.1R5.4-domestic-signed.tgz

    The second warning message appears because the key has not been marked as trusted. You can ignore the warning messages.