Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Use debug on health monitor to retrieve lost radius secret

Daniel_Abrahams
Nimbostratus
Nimbostratus

‎10-Nov-2021 06:58

Hi

 

Is it possible to use debug function on health monitors to retreive the radius secret?

Found this old blogpost http://socpuppet.blogspot.com/2016/11/how-to-recover-lost-big-ip-f5-secret.html and followed the steps

 

1) Created a health monitor with a random username and password plus a random secret. Enabled debug

2) Edit the health monitor and entered the hashed secret from the radius setup

3) Added the health monitor to a pool and attached the pool to a new virtual server used to test

4) Check in /var/log but no debug log is created

 

Is something missing or is it not possible to do this anymore?

 

Best regards

Daniel

 

 

 

Labels:
0 Kudos
1 REPLY 1

Enes_Afsin_Al
MVP
MVP

‎10-Nov-2021 11:52 - last edited on ‎04-Jun-2023 19:16 by Fog

Hi Daniel,

This has been fixed in from v13.1.0. If you look at the monitor debug logs, you will see "SECRET=<sensitive data redacted>".

https://cdn.f5.com/product/bugtracker/ID670893.html

cat /var/log/monitors/<MonitorPartition>_<MonitorName>-<NodePartition>_<NodeName>-<port>.log | grep SECRET
0 Kudos
Copyright © 2023 Khoros, LLC