Manual Chapter : Creating an SSH Security Configuration

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.0.0
Manual Chapter

Creating an SSH Security Configuration

It is important to understand the backend server requirements regarding SSH.
You need an SSH Security Configuration to configure privileged user access. The SSH Security Configuration defines the ciphers, exchange methods, HMACs, and compression algorithms required by the backend resource. You can use the default configuration
ssh-security-config
which is provided on the system.
  1. On the Main tab, click
    Access
    Ephemeral Authentication
    WebSSH Configuration
    SSH Security Configuration
    .
  2. Click
    Create
    .
  3. For
    Name
    , type a name for the SSH security configuration.
  4. For
    Ciphers
    , select the encryption methods to use from the
    Available
    list and move them into the
    Selected
    list.
  5. For
    Key Exchange Methods
    , select the methods to use from the
    Available
    list and move them into the
    Selected
    list.
    The Key Exchange method is used to establish secure communications for exchanging data.
  6. For
    HMACs
    , select the hash-based message authentication codes to use from the
    Available
    list and move them into the
    Selected
    list.
  7. For
    Compression Algorithms
    , select the algorithm or
    None
    from the
    Available
    list and move it into the
    Selected
    list.
    The default is
    None
    which avoids unnecessary compression. However, some backend servers use zlib* compression. In this case, chose
    zlib
    or
    zlib-openssh
    whichever is appropriate.
  8. Click
    Save
    .
The SSH Security Configuration is added to the list.
Next, create an Access Configuration.