Microsoft Azure: Authentication Considerations¶
Use the following information when configuring authentication and proper file transfer between Azure Cloud and the BIG-IP VE:
- The root account is disabled by default
- The Administrator (admin) account/role does NOT have a default password
When you use the
sftp commands to transfer files to/from the BIG-IP system, you MUST have the Administrator
role and access set to Advanced Shell (
bash) for BIG-IP versions that have the following CVE fixes:
When provisioning an instance through the Azure portal or with the waagent:
- The names
rootare NOT allowed. You must provide a unique admin account name.
- With waagent, you can only configure authentication using either a password OR SSH Key authentication (not both).
- If configuring SSH Key authentication, you can find the SSH public key in both the custom admin and the default admin’s account, as a convenience for those standardizing with the admin account.
Because password authentication is required for WebUI access, but not as commonly supported in other clouds, F5 recommends configuring both:
- Configure SSH Key authentication during the instance provisioning process.
- Set password authentication using additional on-boarding steps (for example using
tmshor Declarative Onboarding).
Consult the GitHub links in the Azure Automation section for additional authentication examples.