Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1
Opened: Mar 24, 2023 Severity: 4-Minor
If the user generates their own SSH key on a multi-bladed system, the restjavad storage sync between the primary slot and secondary slots fails. This happens because the system attempts to use this private key to authenticate to the secondary slots but the secondary slots do not have the matching public key in their authorized_keys file, so authentication falls back to password auth, which ultimately fails.
Users will not be able to generate their own SSH keys on multi-bladed systems since the restjavad storage sync between the primary slot and secondary slots will fail.
The user generates their own SSH key pair with a default name of id_[rsa|dsa|ecdsa|ed25519] and stores it in /root/.ssh on a multi-bladed system.
None
None