Bug ID 568596: Utility ssh-copy-id will be blocked if the ssh policy for that specific user is set to Disallow/Terminate for rexec

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Opened: Jan 19, 2016
Severity: 4-Minor


ssh-copy-id is a commonly used utility on linux used to copy the public key to an ssh server. It internally uses rexec. If the ssh profile attached to the virtual disallows or terminates rexec for that user, ssh-copy-id will no longer work.


public key authentication can not be set up using ssh-copy-id.


rexec set to disallow/terminate for a user and the user launches the ssh-copy-id utility from his/her client.


If scp or sftp is allowed, the user can copy his/her public key to the authorized_keys file on the backend server.

Fix Information


Behavior Change