Bug ID 568596: Utility ssh-copy-id will be blocked if the ssh policy for that specific user is set to Disallow/Terminate for rexec

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
12.1.0, 12.1.1, 12.1.2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Opened: Jan 19, 2016

Severity: 4-Minor


ssh-copy-id is a commonly used utility on linux used to copy the public key to an ssh server. It internally uses rexec. If the ssh profile attached to the virtual disallows or terminates rexec for that user, ssh-copy-id will no longer work.


public key authentication can not be set up using ssh-copy-id.


rexec set to disallow/terminate for a user and the user launches the ssh-copy-id utility from his/her client.


If scp or sftp is allowed, the user can copy his/her public key to the authorized_keys file on the backend server.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips