backup encryption key

Question

Dear community,I have some questions around the backup encryption key:- What is the AES operation mode (e.g. CBC, GCM, CTR, etc.)?- what is the key hierarchy. I assume that eventually, the Unit Key will protect all other keys, but do we then only have the master key protecting the SSL private keys or are there more levels?- How is the master key being shared between F5 units?- How is the unit key being stored and encrypted?

dario_garrido · Answer

Hello Mario_Franco,
UCS encryption is based on GnuPG (https://support.f5.com/csp/article/K5437) which uses by default AES-128+CFB (https://www.rfc-editor.org/rfc/rfc4880#section-13.9)
&nbsp;

dario_garrido · Answer

Regarding the master key, you have more info below
https://community.f5.com/t5/technical-articles/working-with-masterkeys/ta-p/290454
https://support.f5.com/csp/article/K73034260

Forum Discussion

backup encryption key

2 Replies

Recent Discussions

Claritox Pro Reviews (NEw Updated Customer Warning Alert!) EXPosed Ingredients ^&@pro$49

CelluCare Reviews (NEw Updated Customer Warning Alert!) EXPosed Ingredients ^&@pro$49

CITRIX remote desktop solution using F5 APM

BIG-IP rseries license

F5 iRule to route traffic based on AS2 headers doesnt work

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Lock and Key - Encrypting EBS Disk Volumes for BIG-IP AWS Deployments

Automate Let's Encrypt Certificates on BIG-IP

F5 iApp Automated Backup