Forum Discussion

Ian_Støttrup
Sep 19, 2017

SSH-proxy and keyboard interactive authentication not working

I am trying to test the SSH proxy functionality of AFM, but I am not succeeding at all. I am aiming for keyboard interactive authentication (username/password), but all I get is "Authentication failed."

For my test-setup I have followed this to the letter: https://support.f5.com/kb/en-us/products/big-ip-afm/manuals/product/network-firewall-policies-implementations-12-1-0/13.print.html Section: Defining SSH proxy password or keyboard interactive authentication

My setup goes: 10.128.1.1 --> 10.128.10.100 (VS with SSH-proxy profile) --> 10.128.10.128 (backend server)

Direct SSH 10.128.1.1 ---> 10.128.10.128 works just fine. If I go through the virtual Bigip on 10.128.10.100 I get:

debug1: Host '10.128.10.100' is known and matches the RSA host key.
debug1: Found key in /Users/testuser/.ssh/known_hosts:4
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive,password
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/testuser/.ssh/id_rsa
debug1: Trying private key: /Users/testuser/.ssh/id_dsa
debug1: Trying private key: /Users/testuser/.ssh/id_ecdsa
debug1: Trying private key: /Users/testuser/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
Authentication failed.

I have taken the public key from the backend server /etc/ssh/ssh_host_rsa_key.pub and placed a copy in "Real Server Auth Public Key" field.

I have taken a private key generated on the virtual Bigip, using ssh-keygen, and placed a copy in "Proxy Server Auth Private key" field.

I made sure that HostKey /etc/ssh/ssh_host_rsa_key is not commented out on the backend server.

According to the article linked to above, it should now work, but it does not. Can anyone help me?

1 Reply

  • I believe I got it working now. Instead of using the public key on the backend server placed in /etc/ssh/ssh_host_rsa_key.pub, I used the public key that was in my client's .ssh/known_hosts, after having connected directly to 10.128.10.128. This key I placed in the Real Server Auth Public Key field and now I can log in, through the Bigip, using username/password and SCP is not allowed through, which was my goal.
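
Added example, not part of the thread and not F5 code: a check of whether the key in a host-key .pub file is the same key a client recorded for the backend in known_hosts, comparing key type and SHA256 fingerprint and handling hashed host entries. The helper names, the sample known_hosts content and the key blobs are constructed for illustration; which key type the poster's client had actually recorded is not stated in the thread.

```python
import base64, hashlib, hmac

def host_matches(field, host):
    """True if a known_hosts host field (plain list or hashed |1|salt|hash) names host."""
    if field.startswith("|1|"):
        _, _, salt, digest = field.split("|")
        mac = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(digest))
    return host in field.split(",")  # wildcards and [host]:port forms not handled

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def recorded_keys(known_hosts_text, host):
    """(key type, fingerprint) of every known_hosts entry for host."""
    keys = []
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue  # skip blanks, comments and @cert-authority/@revoked lines
        if host_matches(fields[0], host):
            keys.append((fields[1], fingerprint(fields[2])))
    return keys

def pub_file_is_recorded(pub_line, known_hosts_text, host):
    """True if the key in a .pub line is one the client recorded for host."""
    key_type, blob = pub_line.split()[:2]
    return (key_type, fingerprint(blob)) in recorded_keys(known_hosts_text, host)

# Constructed sample data: the blobs are placeholders, not real keys.
def _blob(label):
    return base64.b64encode(label).decode()

BACKEND = "10.128.10.128"
_salt = b"constructed-salt-20b"
_mac = hmac.new(_salt, BACKEND.encode(), hashlib.sha1).digest()
KNOWN_HOSTS = "\n".join([
    "10.128.10.100 ssh-rsa " + _blob(b"proxy-rsa"),
    "|1|%s|%s ecdsa-sha2-nistp256 %s" % (_blob(_salt), _blob(_mac), _blob(b"backend-ecdsa")),
])
RSA_PUB = "ssh-rsa " + _blob(b"backend-rsa") + " root@backend"
ECDSA_PUB = "ecdsa-sha2-nistp256 " + _blob(b"backend-ecdsa") + " root@backend"

if __name__ == "__main__":
    for name, pub in (("rsa", RSA_PUB), ("ecdsa", ECDSA_PUB)):
        print(name, pub_file_is_recorded(pub, KNOWN_HOSTS, BACKEND))
```

In the constructed data the client recorded an ECDSA key for the backend, so the RSA .pub line does not match while the ECDSA one does.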