Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP AFM
Fixed In:
12.1.0
Opened: Feb 06, 2016 Severity: 3-Major
SSH Proxy connections drop after a period of time/after a certain amount of data has been transferred, based on the 'RekeyLimit' settings in sshd_config. It is possible that a 'fingerprint changed'/'REMOTE HOST IDENTIFICATION HAS CHANGED' error will appear on the terminal of the SSH client.
Dropped connections.
Always, after a certain amount of time/data has passed, unless the specified workaround is applied. Note: On many SSH installations, there will be no time-based automatic rekeying unless explicitly enabled.
Upgrading to a fixed version is the best option, but a possible workaround is to set 'RekeyLimit' in sshd_config to a very high value, such as 'RekeyLimit 100G'.
None