Last updated on: 2024-01-16 03:25:50.

bigip_security_ssh_profile_keys – Manage SSH proxy security key management on a BIG-IP

New in version 1.13.0.

Synopsis

  • Manage SSH proxy security profile private and public keys for SSH proxy on a BIG-IP.

Parameters

Parameter Choices/Defaults Configuration Comments
force
boolean
    Choices:
  • no ←
  • yes
Set this option to true when updating existing private keys, as private keys are encrypted on the device there is no other way to update them while keeping the module idempotent.
name
string / required
Specifies the name of object to hold key information on the SSH security profile.
partition
string
Default:
"Common"
Device partition to manage resources on.
profile_name
string / required
Specifies the name of the SSH security profile to which this rule applies.
proxy_client_private_key
string
Proxy client authentication private key.
To update this key the force option must be set to true.
proxy_client_public_key
string
Proxy client authentication public key.
proxy_server_private_key
string
Proxy server authentication private key.
To update this key the force option must be set to true.
proxy_server_public_key
string
Proxy server authentication public key.
real_server_public_key
string
Real server public key.
state
string
    Choices:
  • absent
  • present ←
When present, ensures the SSH proxy security authentication is created.
When absent, ensures the SSH proxy security authentication is removed.

Examples

- name: Add SSH keys to ssh proxy security profile
  bigip_security_ssh_profile_keys:
    name: auth1
    profile_name: ssh_test
    proxy_client_private_key: "XXXXXXXXXXXXXXXXXX"
    proxy_client_public_key: "YYYYYYYYYYYYYYYYYYY"
    proxy_server_public_key: "CCCCCCCCCCCCCCCCCCC"
    proxy_server_private_key: "BBBBBBBBBBBBBBBBBB"
    real_server_public_key: "AAAAAAAAAAAAAAAAAAAA"

- name: Modify SSH private keys on ssh proxy security profile - force on
  bigip_security_ssh_profile_keys:
    name: auth1
    profile_name: ssh_test
    proxy_client_private_key: "XXXXXXXXXXXXXXXXXX"
    proxy_server_private_key: "BBBBBBBBBBBBBBBBBB"
    force: true

- name: Remove SSH keys from ssh proxy security profile
  bigip_security_ssh_profile_keys:
    name: auth1
    profile_name: ssh_test
    state: absent

Return Values

The following are the fields unique to this module:

Key Returned Description
proxy_client_private_key
string
changed
Proxy client authentication private key.

Sample:
XXXXXXXXXXXX
proxy_client_public_key
string
changed
Proxy client authentication private key.

Sample:
XXXXXXXXXXXX
proxy_server_private_key
string
changed
Proxy server authentication private key.

Sample:
XXXXXXXXXXXX
proxy_server_public_key
string
changed
Proxy server authentication public key.

Sample:
XXXXXXXXXXXX
real_server_public_key
string
changed
Real server public key.

Sample:
XXXXXXXXXXXX


Status

Authors

  • Wojciech Wypior (@wojtek0806)