We have a number of PIX that seem to have this problem of refusing management connections from time to time via SSH. The PIX are still responsive to Console access and still function properly as far as passing/blocking regular traffic. I've tried connecting with PuTTY and with SecureCRT. We are running 6.3(5) on a 525 failover bundle, though most places we just have 515s with 6.3(5).
When I build them I use these commands to generate the certificates.
ca zeroize rsa
ca generate rsa key 1024
ca save all
And then define the following statements allowing SSH access from within the inside network to the device.
aaa authentication ssh console TACACS+ LOCAL
ssh 192.168.0.0 255.255.255.0 inside
ssh timeout 20
I've attached a packet capture from my computer as well as from the inside interface of the PIX.
From the firewall if I do a show proc | inc ssh here are the processes that it shows.
Mrd 00103b58 044b53ec 0056ed88 0 044b33fc 8176/8192 ssh_init
Hrd 00303351 03e3ea1c 0056ed38 44121090 03e3e324 1116/2048 listen/ssh_1
Mrd 003f7ded 0420490c 0056ed88 0 04202994 6424/8192 ssh/timer