Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Ichnafi's avatar
Ichnafi
Icon for Cirrostratus rankCirrostratus
May 24, 2018

Why only two supported ciphers in ssh_config

Hello everyone, I recently tried to copy a file via scp from a BIG-IP and failed by "not matching ciphers". I had a look into it and stumbled upon the fact, that by default only aes128-cbc and aes2...
application delivery
big-ip
youssef1's avatar
youssef1
Icon for Cumulonimbus rankCumulonimbus
May 25, 2018

Hi Ichnafi,

 

By default, the sshd configuration does not include a specific set of ciphers or MAC algorithms for BIG-IP and BIG-IQ systems. However you can modify the encryption ciphers or the Message Authentication Code (MAC) algorithms used by the secure shell (SSH):

 

Check this link, it discribe how you can include additionl ciphers https://support.f5.com/csp/article/K80425458

 

hope it responds to your answer.

 

Regards

 

  • Gabriel_Y's avatar
    Gabriel_Y
    Icon for Nimbostratus rankNimbostratus
    Apr 17, 2020

    I applied this process, however is not working for version "BIG-IP 14.1.2".

    edit / sys sshd all-properties

    Change the parameter: 

    include "Ciphers arcfour256, aes256-ctr"

    But instead of change the exist value, it duplicated the line staying as follows:

    Somebody help me how to resolve this, please.