Last Modified: Dec 05, 2024
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
17.1.1, 17.1.0.2, 17.1.0.1, 16.1.4.1, 16.1.4
Fixed In:
17.1.2, 16.1.5
Opened: Mar 10, 2023 Severity: 2-Critical Related Article:
K000137127
When trying to connect to BIG-IP via SSH, the connection fails with an error: Unable to negotiate with <IP> port 22: no matching host key type found. Their offer: rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 This issue is observed only in non FIPS mode.
The ssh-rsa as a host key algorithm fails to connect to BIG-IP in non FIPS mode.
-- SSH connection -- The algorithm is set to ssh-rsa -- The BIG-IP system is not operating in FIPS mode
None
Enabling ssh-rsa as host-key algorithm, in Non-FIPS mode for ssh connections.