cancel
Showing results for 
Search instead for 
Did you mean: 

SFTP VIP and host keys

Teddy_Brewski
Nimbostratus
Nimbostratus

Hello,

We have a VIP handling SFTP traffic with two backend servers in the pool.  The VIP doesn't have any special SSH profiles assigned.

Everything is working fine with host keys changing depending on the BE, but we faced with one client that can't supress or ignore warnings during host key changes.

Is there any way we can proxy a host key in the VIP configuration or it requires SSH profile?

As a workaround, can anyone share an example of iRule that can force to use a particular pool member (or particular pool) based on the source IP?

Thank you in advance.

1 REPLY 1

Joe851
Nimbostratus
Nimbostratus

A host key is the SFTP server's public key. Ensuring the SFTP server is validated is an important aspect of the SFTP protocol. It is designed to protect against man-in-the-middle attacks where the hacker intercepts and relays an impersonated message to the other party.  www.surgecardinfo.com