hashing passwords/passphrases

I presume you observed a string like "_e4h9VgHA`JG1MSE@c.e?2lkn>ZG[Wombh[o>67kaC_kV`J" (not exacly 50 characters but close enough). BIG-IP started to experience the issue since 14.1.0, however, I did not see the behavior on 14.1.2 (Final). F5 identified the issue but no fix is provided yet.

Meanwhile, you can use the /mgmt/tm/util/bash endpoint to directly evoke tmsh command. For example, getting the secret property from RADIUS setting (equivalent to 'tmsh list auth radius-server system_auth_name1 secret') using curl:

# curl -sku $PASS https://$HOST/mgmt/tm/util/bash -X POST -H "Content-Type: application/json" -d '{"command":"run", "utilCmdArgs":"-c \"tmsh list auth radius-server system_auth_name1 secret\""}' 
{
    "command": "run",
    "commandResult": "auth radius-server system_auth_name1 {\n    secret $M$Ti$Jh/EsK9GLFOp02s5m8kgjg==\n}\n",
    "kind": "tm:util:bash:runstate",
    "utilCmdArgs": "-c \"tmsh list auth radius-server system_auth_name1 secret\""
}

Not elegant, I agree (especially with the quotes with escapes) but it would do the job for you.

Hello,

we currently use a puppet module to manage the monitor, profile client ssl and radius server ressources via icontrol rest api. As a workaroud meanwhile I check now if the length of the hashed password > 40 or as previously if it starts with $M.

The versions affected by this issue are: 14.1.2.6, 14.1.2.5, 14.1.0.1 and 14.1.0. You should be able to fix this by changing to a version not affected, however, unfortunately, the current latest point release for 14.1.2 is 14.1.2.6. 15.1.0.4 might be a good choice. You can also submit a ticket to F5 Support and ask for a hotfix for ID745423 on top of 14.1.2.6.