Strange Cisco SSH behavior

Sep 4th, 2008

Hello!


I am seeing strange behavior related to the Cisco SSH configuration. I ran "crypto key generate rsa" and chose 1024, then enabled "transport input ssh" under the vty lines, and when I try to connect I get disconnected. The debug output is below:


Sep 4 08:49:09 UTC: SSH1: starting SSH control process

Sep 4 08:49:09 UTC: SSH1: sent protocol version id SSH-2.0-Cisco-1.25

Sep 4 08:49:09 UTC: SSH1: protocol version id is - SSH-2.0-OpenSSH_4.7

Sep 4 08:49:09 UTC: SSH2 1: send: len 280 (includes padlen 4)

Sep 4 08:49:09 UTC: SSH2 1: SSH2_MSG_KEXINIT sent

Sep 4 08:49:10 UTC: SSH2 1: ssh_receive: 792 bytes received

Sep 4 08:49:10 UTC: SSH2 1: input: packet len 792

Sep 4 08:49:10 UTC: SSH2 1: partial packet 8, need 784, maclen 0

Sep 4 08:49:10 UTC: SSH2 1: input: padlen 8

Sep 4 08:49:10 UTC: SSH2 1: received packet type 20

Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXINIT received

Sep 4 08:49:10 UTC: SSH2: kex: client->server aes128-cbc hmac-md5 none

Sep 4 08:49:10 UTC: SSH2: kex: server->client aes128-cbc hmac-md5 none

Sep 4 08:49:10 UTC: SSH2 1: expecting SSH2_MSG_KEXDH_INIT

Sep 4 08:49:10 UTC: SSH2 1: ssh_receive: 144 bytes received

Sep 4 08:49:10 UTC: SSH2 1: input: packet len 144

Sep 4 08:49:10 UTC: SSH2 1: partial packet 8, need 136, maclen 0

Sep 4 08:49:10 UTC: SSH2 1: input: padlen 5

Sep 4 08:49:10 UTC: SSH2 1: received packet type 30

Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXDH_INIT received

Sep 4 08:49:10 UTC: SSH2 1: RSA_sign: private key not found

Sep 4 08:49:10 UTC: SSH2 1: signature creation failed, status -1

Sep 4 08:49:10 UTC: SSH1: Session disconnected - error 0x00


I did "crypto key zeroize rsa" and reconfigured, but I still get the same behavior.

Do you have any idea why?


Thanks!


Cheers,

Calin

Calin Chiorean Thu, 09/04/2008 - 02:35

Hi!


Trust me, I would be more than happy to be able to use PuTTY or another SSH client, but unfortunately I cannot. The management machine is a text Linux OS... so I'm stuck with this for the moment.


Any other ideas are welcome!


Thanks and cheers,

Calin

Calin Chiorean Thu, 09/04/2008 - 04:42

I found the solution!


So, the person who worked on this switch before me did the following:


- changed the hostname from CAPITAL LETTERS to small letters

- generated a new RSA key

- SSH stopped working because SSH was never disabled for the hostname with CAPITAL LETTERS


What I did:

- put the hostname back in CAPITAL LETTERS

- generated an RSA key

- deleted the RSA key... at this moment I received:

%SSH-5-DISABLED: SSH 2.0 has been disabled

- changed the name to small letters

- generated a new RSA key... at this moment I received:

%SSH-5-ENABLED: SSH 2.0 has been enabled


Now it is working!


Thanks all for the support!


Calin
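
An added example, not part of the thread: a small triage script for the kind of "debug ip ssh" output quoted in the first post. It reports the last handshake stage reached and recognises the "RSA_sign: private key not found" failure that the thread resolves by regenerating the key pair. The function name `triage`, the "device"/"peer" labels and the embedded sample are assumptions made for this example.

```python
import re

# Constructed sample: a subset of the debug lines quoted in the thread.
SAMPLE = """\
Sep 4 08:49:09 UTC: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Sep 4 08:49:09 UTC: SSH1: protocol version id is - SSH-2.0-OpenSSH_4.7
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXINIT received
Sep 4 08:49:10 UTC: SSH2: kex: client->server aes128-cbc hmac-md5 none
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXDH_INIT received
Sep 4 08:49:10 UTC: SSH2 1: RSA_sign: private key not found
Sep 4 08:49:10 UTC: SSH2 1: signature creation failed, status -1
Sep 4 08:49:10 UTC: SSH1: Session disconnected - error 0x00
"""

# "<Mon> <day> <time> <tz>: SSH<n>[ <session>]: <message>"
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]+ \w+: (SSH\d?(?: \d+)?): (.*)$")
STAGE = re.compile(r"(SSH2_MSG_\w+) (sent|received)")
KEX = re.compile(r"kex: (client->server|server->client) (\S+) (\S+) (\S+)")

def triage(text):
    """Summarise one session's debug output: versions, last stage, failure."""
    r = {"versions": {}, "algorithms": {}, "last_stage": None,
         "errors": [], "diagnosis": "no failure seen"}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and anything that is not SSH debug output
        msg = m.group(2)
        if msg.startswith("sent protocol version id "):
            r["versions"]["device"] = msg.split()[-1]   # banner the device sent
        elif msg.startswith("protocol version id is - "):
            r["versions"]["peer"] = msg.split()[-1]     # banner it received
        elif (k := KEX.search(msg)):
            r["algorithms"][k.group(1)] = k.groups()[1:]  # cipher, MAC, compression
        elif (s := STAGE.search(msg)):
            r["last_stage"] = " ".join(s.groups())
        elif "private key not found" in msg or "signature creation failed" in msg:
            r["errors"].append(msg)
    if any("private key not found" in e for e in r["errors"]):
        r["diagnosis"] = ("device could not find the RSA private key needed to "
                          "sign its key exchange reply; check the key pair")
    elif r["errors"]:
        r["diagnosis"] = "host key signature failed"
    return r
```

Calling `triage(SAMPLE)` shows the session died right after SSH2_MSG_KEXDH_INIT, which is the point where the server has to sign with its host key.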

