Bug ID 563689: ZebOS configuration cannot be loaded via imish when service password-encryption is set

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0

Opened: Dec 17, 2015

Severity: 3-Major

Symptoms

When "service password-encryption" is configured in ZebOS, encrypted passwords cannot be loaded through imish. imish will print "% Invalid input detected at '^' marker." and the password will not be loaded.

Impact

ZebOS configuration will be incompletely loaded.

Conditions

Dynamic routing is configured with "service password-encryption" in ZebOS config file or running config, run "imish -f <file>" or paste encrypted password into imish.

Workaround

The config will be properly read if tmrouted is restarted. Restarting tmrouted will interrupt all dynamic routing. The config can also be loaded without restarting tmrouted by configuring the cleartext passwords manually. They will be encrypted when the configuration is saved.

Fix Information

imish now correctly loads the ZebOS configuration when "service password-encryption" is set.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips