
What is "Host Processor Superuser" in /var/ssh/root/authorized_keys?

Toefer_133125
Nimbostratus

I am currently using 11.3.0. When looking at the authorized_keys file for root, I found an SSH key for Host Processor Superuser. What is this for and is it okay to remove it?

 

1 ACCEPTED SOLUTION

Syafiq_89483
Cirrus

I am currently using 11.3.0. When looking at the authorized_keys file for root, I found an SSH key for Host Processor Superuser. What is this for and is it okay to remove it?

 

As far as I know, the Linux host on the BIG-IP is the Host Processor. The Host Processor Superuser is used by the LCD panel to allow limited configuration access to the management port without having to log in to the console port or management interface.

So basically, it will be needed by your box as long as you want to configure your box with the LCD panel.

Correct me if I'm wrong.


3 REPLIES 3

I removed this entry from the authorized_keys file for root. I don't use the LCD panel (don't even have it hooked up). So it appears this is no problem/issue to not have it there.

 

I'm correcting you - this can't be it. This key is present on VMs as well.

I'll tell you what it is and you're not gonna like it - it's a backdoor left by stupid F5 engineers. They have a DB with private keys mapped to every serial number which they can use for logging in in emergency (or not-so-emergency) situations. Checkpoint used a similar backdoor by logging in with localhost username on devices without being provided any credentials for it. Username was stored in /etc/passwd and /etc/shadow only and is not visible to the end customer who doesn't have access to these files. Every story I heard like this ends up in massive abuse/formatting/installation of ransomware and whatnot. Read about the recent QNAP screw-up.
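For reviewing entries like the one asked about in this thread before keeping or removing them, here is an added example (not part of any post above and not F5 code) that parses authorized_keys lines, including quoted options, and reports each key's SHA256 fingerprint and comment against an approved inventory. All function names are hypothetical, and the key material is constructed for the sample rather than taken from any BIG-IP.

```python
import base64
import hashlib
import struct

KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")

def split_unquoted(line):
    """Split on whitespace outside double quotes (option values may contain spaces)."""
    fields, quoted, prev = [""], False, ""
    for ch in line.strip():
        if ch == '"' and prev != "\\":
            quoted = not quoted
        if ch.isspace() and not quoted:
            fields.append("")
        else:
            fields[-1] += ch
        prev = ch
    return [f for f in fields if f]

def parse_entry(line):
    """Parse one authorized_keys line; returns None for blank or comment lines."""
    if not line.strip() or line.lstrip().startswith("#"):
        return None
    fields = split_unquoted(line)
    options = "" if fields[0].startswith(KEY_PREFIXES) else fields.pop(0)
    if len(fields) < 2:
        raise ValueError("not an authorized_keys entry: %r" % line)
    keytype, blob = fields[0], base64.b64decode(fields[1])
    # The blob starts with a length-prefixed copy of the key type; a mismatch flags a damaged line.
    (n,) = struct.unpack(">I", blob[:4])
    fp = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {"options": options, "type": keytype, "comment": " ".join(fields[2:]),
            "fingerprint": "SHA256:" + fp, "consistent": blob[4:4 + n] == keytype.encode()}

def unreviewed(text, approved):
    """Entries whose fingerprint is not in the approved inventory."""
    entries = filter(None, map(parse_entry, text.splitlines()))
    return [e for e in entries if e["fingerprint"] not in approved]

def constructed_key(seed):
    """Constructed ssh-rsa-shaped blob (not a usable key, not F5's) for the sample."""
    parts = [b"ssh-rsa", b"\x01\x00\x01", b"\x00" + hashlib.sha256(seed).digest()]
    blob = b"".join(struct.pack(">I", len(p)) + p for p in parts)
    return "ssh-rsa " + base64.b64encode(blob).decode()

SAMPLE = "\n".join([  # constructed sample file contents
    constructed_key(b"a") + " Host Processor Superuser",
    'from="10.0.0.0/8",command="echo hi there" ' + constructed_key(b"b") + " admin@example",
])
```

Calling `unreviewed(open(path).read(), approved)` on a copy of the file lists every key that is not yet in your inventory, identified by fingerprint rather than by its editable comment field.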