Following recent F5 SSH vulnerability disclosure, I was forced to quickly identify which of my devices are actually vulnerable and need patching. I started looking at my options and it turned out that easiest way to find out which boxes need some loving was to try exploiting them. It took me just a moment to locate dodgy private SSH key on BigIP’s filesystem. Once I had that I was able to login to ...