06-11-2008 05:20 AM - edited 03-05-2019 11:33 PM
Hello!
We use some 2950G-24-EI switches with IOS c2950-i6k2l2q4-mz.121-22.EA10a.bin.
We also use C3560-24-PS-S switches with IOS c3560-ipbasek9-mz.122-25.SEE4.bin and accesspoints (AP1242AG-E-K9) with IOS c1240-k9w7-mx.123-11.JA1.
On all devices we configured explicite "ip ssh version 2".
Output of "show ip ssh" is:
SSH Enabled - version 2.0
Authentication timeout: 120 secs; Authentication retries: 3
The problem is, that we can't connect from the 2950G switch to an accesspoint or to a C3560.
The failure is:
[Connection to switch aborted: error status 0]
Is there any difference between the SSH v2 on the 2950G and 3560?
The debug on the 2950G is:
Jun 11 15:26:59.295: SSH1: Session disconnected - error 0x07
Jun 11 15:26:59.443: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Jun 11 15:26:59.451: SSH1: receive failure - status 0x07
Jun 11 15:26:59.551: SSH1: Session disconnected - error 0x07
Jun 11 15:27:00.983: SSH CLIENT0: protocol version id is - SSH-2.0-Cisco-1.25
Jun 11 15:27:00.983: SSH CLIENT0: protocol version exchange failure (code = 1)
Jun 11 15:27:00.983: SSH CLIENT0: Session disconnected - error 0x00
Jun 11 15:27:07.956: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Jun 11 15:27:07.960: SSH1: protocol version id is - SSH-2.0-CmdSvc
Jun 11 15:27:18.728: SSH1: Session disconnected - error 0x07
The debug on the AP1242 is:
Jun 11 15:22:23.290: SSH1: starting SSH control process
Jun 11 15:22:23.290: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Jun 11 15:22:23.321: SSH1: receive failure - status 0x07
Jun 11 15:22:23.426: SSH1: Session disconnected - error 0x07
Thanks for your help!
Solved! Go to Solution.
06-11-2008 08:22 AM
My bad , Edison is correct the SSH client end , (being able to ssh from the device appears to be SSH V1 only on the 2950 but it will accept a incoming ssh v2 connection.
06-11-2008 05:43 AM
Try using the syntax "ssh -v 2
06-11-2008 05:51 AM
Thanks for your replay!
But there is no -v option on the 2950G switch.
2950G#ssh ?
-c Select encryption algorithm
-l Log in using this user name
-o Specify options
-p Connect to this port
WORD IP address or hostname of a remote system
06-11-2008 07:50 AM
The output displayed in the original post indicates the switch supports SSH v2 server services, however the SSH v2 client is another piece.
If you go to http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp and click on 'Search by Feature', you will notice that some switches do support SSH v2 server, for instance the 2960 starting with 12.2(25)SEE4 IOS release.
HTH,
__
Edison.
Please rate helpful posts
06-11-2008 08:22 AM
My bad , Edison is correct the SSH client end , (being able to ssh from the device appears to be SSH V1 only on the 2950 but it will accept a incoming ssh v2 connection.
06-12-2008 12:20 AM
Thanks for the replies and the link to the feature navigator!
I can't understand why the server is v2 and the client v1, but that is another question ;-)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: