Bug ID 976669: FIPS Integrity check fails for other secondary blades after rebooting/replacing secondary blade

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2

Fixed In:
17.0.0, 16.1.2.2, 16.1.0, 15.1.5.1, 14.1.4.6

Opened: Dec 24, 2020

Severity: 2-Critical

Symptoms

After rebooting or replacing a secondary blade, the FIPS integrity check fails for other secondary blades and they fail to fully boot.

Impact

When the FIPS integrity checks fail the blades won't fully boot.

Conditions

This can occur after rebooting or replacing a secondary blade.

Workaround

On the secondary blade reboot, the following critical files are deleted from other secondary blades which leads to FIPS integrity check failure: /root/.ssh/authorized_keys /root/.ssh/known_hosts To mitigate, copy the missing files from the primary blade to the secondary blade. From the primary blade, issue the following command towards the secondary blade(s). rsync -avz -e ssh /root/.ssh/* root@<Secondary Blade>:/root/.ssh/

Fix Information

Critical files are not deleted during secondary blade reboot.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips