Forum Discussion
CirrusIncreasing SSH keys from 1024-bit to 2048-bit keys
Is this procedure https://support.f5.com/csp/article/K26031800 also valid for 14.X.X ?
Or maybe there is another one ?
7 Replies
Dario_GarridoNoctilucent
Hello PiotrL.
Version 14.x has already got a 2048-bit key.
# tmsh show sys software | grep yes HD1.2 BIG-IP 14.0.0 0.0.2187 yes complete # openssl rsa -noout -text -in /var/ssh/ssh_host_rsa_key | grep -i key Private-Key: (2048 bit)KR,
Dario.
- PiotrL
Hi Dario,
we have 14.1.0.2 version, but still: Private-Key: (1024 bit)
maybe F5 guys had second thought and changed it again to 1k ...
- Dario_Garrido
So, that's maybe the reason they don't include 14.x in K26031800.
Actually, I don't see any inconvenient on perform this procedure to change private-key length.
KR,
Dario.
- PiotrL
It was enough to regenerate the SSH keys, so one command:
"/usr/bin/keyswap.sh -genkeys" did the trick.
- boneyard
MVP
thanks for reporting back PiotrL
- AJF5
Altocumulus
Just this command will help change SSH keys from 1024 to 2048 bit.
"/usr/bin/keyswap.sh -genkeys"
Or this is addition to K26031800.
- PiotrL
In my case (v14.x) it was enough to issue this one command, altough v14.x should have 2k by default, as Dario commented ...
