Bug ID 1069365: Error shown when configuring known-host for file transfer when FIPS mode is enabled`

Last Modified: Aug 01, 2024

Affected Product(s):
F5OS None(all modules)

Fixed In:
F5OS-A 1.7.0, F5OS-A 1.5.2

Opened: Dec 21, 2021

Severity: 3-Major

Symptoms

"Host unreachable" error is sometimes displayed when FIPS mode is enabled, if a user tries to configure known-host. The ssh-keyscan fails, as ssh-keyscan is not using FIPS approved ciphers.

Impact

"Host unreachable" error is thrown.

Conditions

- FIPS mode is enabled - User configures known-host for file transfer

Workaround

N/A

Fix Information

Updated ssh-keyscan to use FIPS approved ciphers when FIPS mode is enabled.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips