Manual Chapter : The f5mku utility: Reference

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0

BIG-IP DNS

  • 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Manual Chapter

The f5mku utility: Reference

The
f5mku
utility is a cryptographic tool for managing passwords and passphrases. The available command options that display when you type
f5mku -h
at a system prompt are listed below.
F5 strongly recommends that you avoid using the
-r
option to reset a master key. Using
-r
without first decrypting the passwords or passphrases on configuration objects will cause any subsequent configuration load operation to fail. Use the TMOS Shell (
tmsh
) command
modify /sys master-key prompt-for-password
instead.
[a2w@COSFL02:/S1-green-P:Active:Disconnected] ~ # f5mku -h Usage: f5mku [d:?fhHi:r:t:uUvYZq:] Required parameters: (one of these must be specified) -d bits generate a base64 encoded RSA key and output to stdout -f fetch unit key -Z dump debug information -i file import key saved via --- -r key rekey with the specifed master key (b64 encoded). Use with caution. Optional parameters: -? -h this help -q Query if given string matches current master key -t # Timeout value in seconds (1-500) -u Unit test posture (no HAL) -U Test unit key functionality -H Force I/O to HAL storage -K Displays the master key -v set verbose mode -Y Answer Yes to any queries