Forum Discussion
Add ssh-rsa to 17.1.1 host key algorithm
- Jan 17, 2024
Good find.
Unfortunately, I do not think there is any alternative way. The only thing I can think of is possibly proxying the SSH client connection via a Jumphost server which supports the ssh-rsa host key algorithm.
You may want to create a Support Case with F5 to see if they are able to provide any further suggestions.
The following knowledge articles may help:
Modifying the host key algorithms used by the ssh server on the BIG-IP (f5.com)
Modifying the list of ciphers and MAC and key exchange algorithms used by the SSH service on the BIG-IP or BIG-IQ systems (f5.com)
Hi,
Thank you for your support.
I tried editing the sshd_config file manually but still didn't work.
I found out a few more articles and turned out that F5 removed support of ssh-rsa even though I can still see BIG-IP with 17.1.1 using ssh-rsa through a command "sshd -T | grep -i hostkeyalgorithms"
Reference:
https://my.f5.com/manage/s/article/K000136120
https://my.f5.com/manage/s/article/K000135559
I know it's tough but I'm asking if there is any other way to make it work besides updating the 3rd party software.
- Jan 17, 2024
Good find.
Unfortunately, I do not think there is any alternative way. The only thing I can think of is possibly proxying the SSH client connection via a Jumphost server which supports the ssh-rsa host key algorithm.
You may want to create a Support Case with F5 to see if they are able to provide any further suggestions.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com