10-03-2007 08:26 AM - edited 03-10-2019 03:25 PM
I am investigating the use of SCP/SSH for accessing of key routers/switches in our environment. I have followed the Cisco document at:
for configuring server-side SCP on a 1760 router in our lab - and as far as I can tell from running SSH and SCP debugs everything is going fine at first using WinSCP as a client (see log -->)
SSH:
Incoming SSH debugging is on
Incoming SCP debugging is on
LABROUTER_1760#terminal monitor
LABROUTER_1760#
*Feb 28 19:32:09: SSH1: starting SSH control process
*Feb 28 19:32:09: SSH1: sent protocol version id SSH-1.99-Cisco-1.25
*Feb 28 19:32:09: SSH1: protocol version id is - SSH-1.5-WinSCP_release_4.0.4
*Feb 28 19:32:09: SSH1: SSH_SMSG_PUBLIC_KEY msg
*Feb 28 19:32:09: SSH1: SSH_CMSG_SESSION_KEY msg - length 144, type 0x03
*Feb 28 19:32:09: SSH: RSA decrypt started
*Feb 28 19:32:09: SSH: RSA decrypt finished
*Feb 28 19:32:09: SSH: RSA decrypt started
*Feb 28 19:32:10: SSH: RSA decrypt finished
*Feb 28 19:32:10: SSH1: sending encryption confirmation
*Feb 28 19:32:10: SSH1: keys exchanged and encryption on
*Feb 28 19:32:10: SSH1: SSH_CMSG_USER message received
*Feb 28 19:32:10: SSH1: authentication request for userid *******
*Feb 28 19:32:10: SSH1: SSH_SMSG_FAILURE message sent
*Feb 28 19:32:10: SSH1: SSH_CMSG_AUTH_PASSWORD message received
*Feb 28 19:32:10: SSH1: authentication successful for *******
*Feb 28 19:32:10: SSH1: SSH_CMSG_EXEC_SHELL message received
*Feb 28 19:32:10: SSH1: starting shell for vty
*Feb 28 19:32:46: SSH1: Session disconnected - error 0x07
In real time, the 'starting shell for vty' message being written to the log is followed by a pause of several seconds and then finally by an error from WinSCP that says cryptically 'Error skipping startup application. Your shell is probably incompatible with the application (BASH is recommended).' Clicking on the 'OK' button to close out the WINSCP dialog box then will bring up the final line of debug output from the router - Session disconnected - error 0x07.
as you can tell from the debug logging, it looks like the server side is almost without issue (there is the SSH_SMSG_FAILURE error but things seem to proceed fine after that) but it seems that the session times out because for some reason WinSCP won't open the shell?
Thanks in advance for any advice.
- Paul
10-05-2007 08:06 AM
Paul-
What are you using WinSCP to connect to? Are you just verifying SSH/SCP on the server? From the router you will create an SSH connection to the server and then SCP will ride over that to transfer the files.
10-05-2007 12:10 PM
I am using WinSCP on my XP Pro workstation to connect to a 1760 router running a Crypto version of 12.4(17). That router has SSH and SCP enabled as per the document cited in my original post. I have tried using both SFTP and SCP options in the WinSCP startup option field and neither one succeeds although SFTP (with SCP as backup) comes closest, producing the debug shown in the original post.
From debugs it seems that SSH is established and then it times out, being somehow unable to launch an appropriate shell?
Or is something else happening?
Thanks.
- Paul
10-05-2007 12:14 PM
I assumed the same thing when I was trying this, but you should not be connecting to the router. It can not handle SCP (think of it as one way, from the router to the server only). From the router, can you connect to the server with SSH? If yes then try copying something from the router to the server with SCP.
copy running-confg scp:
Let me know how it goes.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: