Increasing SSH keys from 1024-bit to 2048-bit keys

Question

Is this procedure https://support.f5.com/csp/article/K26031800 also valid for 14.X.X ?Or maybe there is another one ?

dario_garrido · Answer

Hello PiotrL.Version 14.x has already got a 2048-bit key.# tmsh show sys software | grep yes
HD1.2    BIG-IP   14.0.0  0.0.2187     yes  complete
&nbsp;
# openssl rsa -noout -text -in /var/ssh/ssh_host_rsa_key | grep -i key
Private-Key: (2048 bit)KR,Dario.

piotrl · Answer

Hi Dario,we have 14.1.0.2 version, but still: Private-Key: (1024 bit)maybe F5 guys had second thought and changed it again to 1k ...

dario_garrido · Answer

So, that's maybe the reason they don't include 14.x in K26031800.&nbsp;Actually, I don't see any inconvenient on perform this procedure to change private-key length.&nbsp;KR,Dario.

piotrl · Answer

It was enough to regenerate the SSH keys, so one command: "/usr/bin/keyswap.sh -genkeys" did the trick.

boneyard · Answer

thanks for reporting back PiotrL

Forum Discussion

Increasing SSH keys from 1024-bit to 2048-bit keys

Recent Discussions

F5 looses the token for the first call

feature request: container egress service

did not show checkbox on chrome while access through f5

How do I create a traffic log for two different route domains?

Flip-flop load balancing

Related Content

Diffie-Hellman "p" length 1024/2048 bits

F5 Friday: The 2048-bit Keys to the Kingdom

Increased Security With First Party Cookies

2048-bit Infrastructure Impact Reporting Tool

Increase Security in AWS without Rearchitecting your Applications - Part 1: Tuesday

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS