There may be a bug in SFOS regarding SSH keys.
we noticed on 2 different SFOS firewalls, one XG430 (SFOS 19.0.1 MR-1-Build365) and one XGS136 (SFOS 19.5.1 MR-1-Build278) that SSH Keys you add here:
after you have enabled Multi Factor Authentication or 2FA for the admin
disappear from the config and can no longer be used after a HA-failover. Probably a normal reboot also recreates the issue. i have not tested if it is related to HA but both systems are in HA.
To confirm the issue I have already seen on the 19.0.1 machine, on the 19.5.1 machine I logged on with my normal pesonal admin user, not the admin, added one SSH key.
I needed to confirm it with the admin password.
Then logged in as admin and enabled 2FA / MFA for the admin user. logged out.
Then later I logged in with my personal admin, not the admin user, user again and added a second SSH key.
I needed to confirm it now with admin password+2FA code.
I rebooted the HA primary node hours later -> the AUX node becomes primary -> HA fallback was enabled so when the rebooted node was online again, it became the new primary again. When the HA-resync was complete I logged in Webadmin and found that the second SSH Key was gone.
Can someone confirm that please?
This thread was automatically locked due to age.
