Forum Discussion

Techniplex_9090
Jun 01, 2011

Load Balance SFTP but not SSH

I was wondering if there is a way with the LTM to allow SFTP connections but not allow SSH to the VIP. I am not even sure this is possible or how to even approach the issue. I cannot remove SSH from the servers and then I cannot gain access to the backend servers. Seems to be a catch-22.

4 Replies

  • Hi Techniplex,

    The main problem with this is that SFTP is a subsystem of SSH and the F5 cannot decrypt the SSH traffic in the path of the connection in order to programmatically alter it in the way you are mentioning. Your best bet is to do this at the source of the backend server. Here is a link that I found that may help: http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=340

    Bhattman
  • I did find that article and did not hold much hope for positive resolution, but I had hoped that maybe something had changed in two years. I guess I should open a feature request for SSH encryption offload? If that was implemented I am guessing that this might be possible then.

    Thanks for the insight.

  • I don't think anything has changed on this recently. I'd open a case with F5 Support if you see value in being able to do SSH encryption on LTM. I'm not sure there is broad appeal for the feature, but it can't hurt to ask.

    Aaron
  • Hamish

    In theory it should be possible to offload the ssl to the f5 and perform the sftp in an irule...

    I like a good theory... Hmm...
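
Added example, not part of any reply in the thread and not F5 or DevCentral code: one way to apply the first reply's suggestion of handling this on the backend servers, using OpenSSH's sshd_config. It assumes the servers run an OpenSSH release that supports the `LocalPort` Match criterion, that the LTM pool members point at port 2222 (a constructed value), and that port 22 stays reachable only from the admin network.

```conf
# /etc/ssh/sshd_config (fragment, constructed for illustration)

# Global section: must come before any Match block.
# Port 22   = normal SSH for administrators (restrict with a host or
#             network firewall so the LTM / client networks cannot reach it).
# Port 2222 = assumed port that the LTM pool members forward the VIP to.
Port 22
Port 2222

# Use the in-process SFTP server so ForceCommand below needs no external binary.
Subsystem sftp internal-sftp

# Everything arriving on the load-balanced port is pinned to SFTP.
# A client that asks for a shell or "exec" on this port still gets
# internal-sftp, because ForceCommand overrides the requested command.
Match LocalPort 2222
    ForceCommand internal-sftp
    PermitTTY no
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTunnel no
```

Run `sshd -t` to validate the file before reloading the daemon. The LTM keeps passing the encrypted stream through untouched; the restriction is enforced by sshd after authentication, which is why it does not depend on the F5 decrypting SSH.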