Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
First i now that this firewall is EOL
("### image corrupted ###" shown on the console)
I tried the TFTP procedure to reinstall the OS(ssg22.214.171.124r27) but after the image is loaded successfully i got:
> ********Invalid DSA signature
> ********Bogus image - not authenticated
I could be a problem of signature so I would like to try with an old firmware signed prior 2014 to see if i can resurrect the beast unfortunately Juniper does not offer these old firmware on download area. Could someone provide an old version?
To recover from this error and allow the device to boot you need to delete the signing key.
delete crypto auth-key
Then reboot the device and the new ScreenOS should load.
kb is here:
> ********Invalid DSA signature> > ********Bogus image - not authenticated
The problem of deleting the signing key is i that the firewall is only showing the loader with TFTP parameters. I cannot issue any command via CLI, unless you know the way to access CLI via loader? This is the reason why i was asking for an old signed firmware as an intermediate recovery step.
As I recall the command is issued at the bootloader and not the cli so you should be able to run this after the bogus image response then reboot again to bypass the check.
Once this is up you can then follow the instructions to install the new signing key.