Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


show security tpm status



Display the current status of the Trusted Platform Module (TPM). You can use this show security tpm status command to check the status of TPM ownership, master binding key, master encryption password, family version, and firmware version.


This command has no options.

Required Privilege Level


Output Fields

Table 1 lists the output fields for the show security tpm status command.

Table 1: show security tpm status Output Fields

Field Name

Field Description


Specifies whether TPM is enabled or disabled.


Specifies the TPM ownership. TPM can be owned even if the Master Encryption Key and Master Encryption Key are not created/configured.

Master Binding Key

Displays the TPM’s Master Binding Key status whether it is created or not created. TPM generates cryptographic keys and encrypts them so that those can only be decrypted by the TPM. This process is know as binding. Each TPM has a master binding key, which is also know as storage root key.

Master Encryption Key

Displays Master Encryption Password status whether it is set or not set. The encrypted data and the hash of the configuration is protected by the TPM module using the master encryption password.

TPM Family

Displays Trusted Computing Group’s (TCG) TPM family version.

TPM Firmware version

Displays the firmware version loaded in TPM.

Sample Output

show security tpm status

Release Information

Command introduced in Junos OS Release 15.1X49-D80.

Command introduced in Junos OS Release 20.1R1 for SRX5400, SRX5600, and SRX5800 devices with SRX5K-RE3-128G Routing Engine (RE3).

TPM family and TPM firmware version details are introduced in Junos OS Release 15.1X49-D120.