SFTP VIP and host keys

Question

Hello,We have a VIP handling SFTP traffic with two backend servers in the pool.&nbsp; The VIP doesn't have any special SSH profiles assigned.Everything is working fine with host keys changing depending on the BE, but we faced with one client that can't supress or ignore warnings during host key changes.Is there any way we can proxy a host key in the VIP configuration or it requires SSH profile?As a workaround, can anyone share an example of iRule that can force to use a particular pool member (or particular pool) based on the source IP?Thank you in advance.

joe851 · Answer

A host key is the SFTP server's public key. Ensuring the SFTP server is validated is an important aspect of the SFTP protocol. It is designed to protect against man-in-the-middle attacks where the hacker intercepts and relays an impersonated message to the other party.&nbsp;&nbsp;www.surgecardinfo.com

Forum Discussion

SFTP VIP and host keys

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

DevCentral Connects hosts Capture the Flag!

SSL length key

Outbound SFTP

Lock and Key - Encrypting EBS Disk Volumes for BIG-IP AWS Deployments

7 Keys for Successfully Implementing Zero Trust Architectures

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS