Limit text-copy in SSHproxy

Question

I have suggested to my employer, that we use SSHproxy in AFM to access network managment tools and devices, instead of the current 2xRDP via jumpstations and then SSH via SecureCRT, but the Security Officer says no on the basis that you could paste files into a text-editor on the receiving end and that way transfer files. &nbsp;
Is there a way to limit the amount of data that can be transferred that way? I can see that it is possible to apply an iRule, so perhaps something is possible that way?&nbsp;
My suggested setup is:
client --vpn--&gt; mgmt-net --&gt; SSHproxy --&gt; mgmt-server --&gt; network-equipment.&nbsp;

tikka_nagi_1315 · Answer

The answer to the specific question regarding limiting the amount of data using AFM SSH Proxy is no. However, it is likely possible to achieve this using a combination of other F5 modules such as ASM/APM. I would recommend you open a support case regarding this

stanislas_piro2 · Answer

I’m not sure AFM can detect copy / paste.&nbsp;
I had a quick look at rfc and did not find any reference to copy / paste method. I guess when you paste text, the ssh client send the text like when hitting on keyboard!&nbsp;

Forum Discussion

Limit text-copy in SSHproxy

2 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

Introduction to F5 Distributed Cloud Console Rate Limiting Feature

ASM filtered HTML exceeded limit: event code C190 Filtered Response HTML exceeded max limit

HTTP Session Limit

Rate Limiting SSL VPN User Traffic

Session Limiting