SSH stopped working

Unanswered Question
Jun 19th, 2008


i encounter the problem not be able to ssh to my ASA5510 anymore. the log shows a entry with "Resource 'ssh' limit of 5 reached for context 'single_vf'". i found already some posts on the internet stating to regenerate the rsa key. i did it with "crypto key generate rsa modulus 1024", but this didn't helped a bit. i'm still getting the error in the log and not able to ssh to it. i found a post saying to 'zeroize rsa' first, but i have no idea how to do that. any suggestions?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Thu, 06/19/2008 - 08:36

The only way I've been able to SSH again is to reboot the firewall. I've been waiting for it to happen again so I can open a TAC case. Maybe you could do that and let's us know what Cisco says?

jbatluck Thu, 06/19/2008 - 10:23


I think I've had this happen to me before, and I think rebuilding the keys worked. I believe that on 6.3 the syntax is "ca zeroize rsa". I don't see it in the command reference document for 7.2, but that doesn't mean it's not there. Hope it works for you.

Collin Clark Thu, 06/19/2008 - 10:38


To remove the keys on an ASA device.

<font size="2">ASAOne(config)# crypto key zeroize rsa default</p><p>WARNING: The default key pair will be removed</p><p>WARNING: All device certs issued using these keys will also be removed and</p><p>the associated trustpoints may not function correctly.</p><p></p><p>Do you really want to remove these keys? [yes/no]: yes</p><p>ASAOne(config)# </font>


This Discussion