Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6
Fixed In:
13.0.0
Opened: Jan 24, 2017 Severity: 2-Critical Related Article:
K79347503
The BIG-IP will RST the server side and client side connections upon connection initialization. If you have logging set up, log messages will inform you that the keys were mismatched.
SSH proxy fails.
Configuring the SSH Proxy feature's Real Server Auth public key field, using a public key that contains a comment, such as a trailing "root@myserver.local".
Strip any comments from the Real Server Auth public key, such as "root@host.example.com".
SSH Proxy now correctly parses public keys containing comments.