VirtualBox

Download VirtualBox for Linux Hosts

The VirtualBox base package binaries are released under the terms of the GPL version 3.

Please choose the appropriate package for your Linux distribution.

VirtualBox 7.2.6 for Linux

You might want to compare the checksums to verify the integrity of downloaded packages. The SHA256 checksums should be favored as the MD5 algorithm must be treated as insecure!

SHA256 checksums MD5 checksums

Oracle Linux

Users of Oracle Linux 8, 9 and 10 can use the Oracle Linux yum repository and enable the ol8_developer channel for Oracle Linux 8, the ol9_developer channel for Oracle Linux 9, or the ol10_developer channel for Oracle Linux 10.

This can be done with 

yum install oraclelinux-developer-release-*

After that, do 

yum install VirtualBox-7.1

to get the latest maintenance release of VirtualBox 7.1.x installed.

Debian-based Linux distributions

Add the following line to your /etc/apt/sources.list. For Debian 13 and older, replace '<mydist>' with 'trixie', 'bookworm', or 'bullseye'. For Ubuntu 24.10 and older, 'replace '<mydist>' with 'oracular', 'noble', or 'jammy'. 

deb [arch=amd64 signed-by=/usr/share/keyrings/oracle-virtualbox-2016.gpg] https://download.virtualbox.org/virtualbox/debian <mydist> contrib

The Oracle public key for verifying the signatures can be downloaded here. You can add these keys with 

sudo gpg --yes --output /usr/share/keyrings/oracle-virtualbox-2016.gpg --dearmor oracle_vbox_2016.asc

or combine downloading and registering: 

wget -O- https://www.virtualbox.org/download/oracle_vbox_2016.asc | sudo gpg --yes --output /usr/share/keyrings/oracle-virtualbox-2016.gpg --dearmor

The key fingerprint for oracle_vbox_2016.asc is 

B9F8 D658 297A F3EF C18D  5CDF A2F6 83C5 2980 AECF
Oracle Corporation (VirtualBox archive signing key) <info@virtualbox.org>

To install VirtualBox, do 

sudo apt-get update
sudo apt-get install virtualbox-7.1

Replace virtualbox-7.1 by virtualbox-7.0 to install the latest VirtualBox 7.0 build.

What to do when experiencing The following signatures were invalid: BADSIG ... when refreshing the packages from the repository? 

# sudo -s -H
# apt-get clean
# rm /var/lib/apt/lists/*
# rm /var/lib/apt/lists/partial/*
# apt-get clean
# apt-get update

If you previously added the Oracle key(s) to your default keyring (now considered insecure), remove them again with: 

sudo apt-key remove 5CDFA2F683C52980AECF
sudo apt-key remove D9C954422A4B98AB5139

(As of VirtualBox 3.2, the signing key was changed. The old Sun public key for apt-secure can be downloaded here. Likewise, the Oracle public key for distributions older than Debian 8 and Ubuntu 16.04 can be downloaded here.)

RPM-based Linux distributions

We provide a yum/dnf-style repository for Oracle Linux/Fedora/RHEL/openSUSE. All .rpm packages are signed. The Oracle public key for rpm can be downloaded here. You can add this key (not normally necessary, see below!) with 

sudo rpm --import oracle_vbox_2016.asc

or combine downloading and registering: 

wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | rpm --import -

The key fingerprint is 

B9F8 D658 297A F3EF C18D  5CDF A2F6 83C5 2980 AECF
Oracle Corporation (VirtualBox archive signing key) <info@virtualbox.org>

After importing the public key, the package signature can be checked with 

rpm --checksig PACKAGE_NAME

Note that importing the key is not necessary for yum users (Oracle Linux/Fedora/RHEL/CentOS) when using one of the virtualbox.repo files from below as yum downloads and imports the public key automatically! Zypper users should run 

zypper refresh

(As of VirtualBox 6.1.44/7.0.8, the same signing key as for Debian packages since 2016 is used. The Oracle public key for older rpm packages and not updated repositories can be downloaded here.)

The package signature is checked by yum/dnf/zypper as well:

Last modified 7 months ago Last modified on 08/27/2025 06:56:57 PM
Note: See TracWiki for help on using the wiki.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette