Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Junos] Using the MD5 checksum to verify that the integrity of the Junos OS been pushed into the Juniper device

0

0

Article ID: KB19931 KB Last Updated: 19 Dec 2013Version: 3.0
Summary:

In preparing to upgrade Junos OS on your device, it is common to transfer the Junos package to the device through FTP or another transfer protocol. This article describes how to use the MD5 checksum value to verify that the Junos OS package transferred to the device is not a corrupted or truncated file.

Symptoms:
How does a user verify that the Junos OS package intended for installation/upgrade is not a corrupted or truncated file?
Cause:

Solution:

MD5:

In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit (16-byte) hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files.

Checksums take on various forms, depending upon the nature of the transmission and needed reliability. SHA1 and MD5 hashes are used to verify that a file or group of files has not changed. 

The following steps show the process for verifying the checksum.

1.  Note the checksum value for the Junos install package when downloading the Junos install package from the Juniper support site.


When downloading the Junos install package from the Juniper support site, note the MD5 or SHA-1 checksum value:




2.  Copy the Junos install package to the Junos device.  

In this example, the Junos install package is transferred to the Junos device using FTP.




3.  Verify that the checksum value for the Junos install package copied to the Junos device matches the checksum noted in step 1.

On the Junos device, use the following commands to verify that the file (Junos install package) is present and that the checksum matches (step 1).  This ensures that the transferred file is ready to use for installation, and that it is not truncated or a corrupted file. The command can be run from Shell Mode, Operational Mode, or Config Mode.

Shell Mode :                

% md5 jinstall-ex-4200-10.4R1.9-domestic-signed.tgz < After reaching the Source folder where the Junos Software been pushed enter this command

root@4200:RE:0% cd /var/tmp
root@4200:RE:0% ls
.snap krt_gencfg_filter.txt
gres-tp snmptest.pcap
jinstall-ex-4200-10.4R1.9-domestic-signed.tgz

root@Harish-4200:RE:0% md5 jinstall-ex-4200-10.4R1.9-domestic-signed.tgz
MD5 (jinstall-ex-4200-10.4R1.9-domestic-signed.tgz) =
38032c0e237a65b4cbc86a9c6ab06552


Operational Mode :
     

> file checksum md5 /var/tmp/jinstall-ex-4200-10.4R1.9-domestic-signed.tgz

{master:0}[edit]
root@4200> file checksum md5 /var/tmp/jinstall-ex-4200-10.4R1.9-domestic-signed.tgz
MD5 (/var/tmp/jinstall-ex-4200-10.4R1.9-domestic-signed.tgz) =
38032c0e237a65b4cbc86a9c6ab06552

Config Mode :                  

#  run file checksum md5 /var/tmp/jinstall-ex-4200-10.4R1.9-domestic-signed.tgz

{master:0}[edit]
root@4200# run file checksum md5 /var/tmp/jinstall-ex-4200-10.4R1.9-domestic-signed.tgz
MD5 (/var/tmp/jinstall-ex-4200-10.4R1.9-domestic-signed.tgz) =
38032c0e237a65b4cbc86a9c6ab06552



Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search