09-04-2008 12:52 AM
Hello!
I have a strange behavior related to cisco ssh configure. I did:
"crypto key generate rsa" choose 1024,
enable under vty lines "transport input ssh" and when I want to connect I getting disconnected. The debug is below:
Sep 4 08:49:09 UTC: SSH1: starting SSH control process
Sep 4 08:49:09 UTC: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Sep 4 08:49:09 UTC: SSH1: protocol version id is - SSH-2.0-OpenSSH_4.7
Sep 4 08:49:09 UTC: SSH2 1: send: len 280 (includes padlen 4)
Sep 4 08:49:09 UTC: SSH2 1: SSH2_MSG_KEXINIT sent
Sep 4 08:49:10 UTC: SSH2 1: ssh_receive: 792 bytes received
Sep 4 08:49:10 UTC: SSH2 1: input: packet len 792
Sep 4 08:49:10 UTC: SSH2 1: partial packet 8, need 784, maclen 0
Sep 4 08:49:10 UTC: SSH2 1: input: padlen 8
Sep 4 08:49:10 UTC: SSH2 1: received packet type 20
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXINIT received
Sep 4 08:49:10 UTC: SSH2: kex: client->server aes128-cbc hmac-md5 none
Sep 4 08:49:10 UTC: SSH2: kex: server->client aes128-cbc hmac-md5 none
Sep 4 08:49:10 UTC: SSH2 1: expecting SSH2_MSG_KEXDH_INIT
Sep 4 08:49:10 UTC: SSH2 1: ssh_receive: 144 bytes received
Sep 4 08:49:10 UTC: SSH2 1: input: packet len 144
Sep 4 08:49:10 UTC: SSH2 1: partial packet 8, need 136, maclen 0
Sep 4 08:49:10 UTC: SSH2 1: input: padlen 5
Sep 4 08:49:10 UTC: SSH2 1: received packet type 30
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXDH_INIT received
Sep 4 08:49:10 UTC: SSH2 1: RSA_sign: private key not found
Sep 4 08:49:10 UTC: SSH2 1: signature creation failed, status -1
Sep 4 08:49:10 UTC: SSH1: Session disconnected - error 0x00
I did "crypto key zeroize rsa" and reconfigure, but still the same behavior.
Do you have any idea why?
Thanks!
Cheers,
Calin
09-04-2008 02:18 AM
Calin,
The error appears to be the moethod you are using to ssh to the device:-
Sep 4 08:49:10 UTC: SSH2 1: RSA_sign: private key not found
I suggest you try using a ssh client like PuTTY:-
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
HTH>
09-04-2008 02:35 AM
Hi!
Trust me, I would be more than happy to be able to use putty or other ssh client, but unfortunately I cannot. The management machine is a text linux OS...so I'm stuck with this for the moment.
Any other ideas are welcome!
Thanks and cheers,
Calin
09-04-2008 02:38 AM
Sorry - not a linux guru!
09-04-2008 04:42 AM
I found the solution!
So, the person that worked before me on this switch, did the following:
-change the hostname from CAPITAL LETTERS to small letters
-generate a new rsa key
-the ssh stopped working because the ssh was never disable for the hostname with CAPITAL LETTERS
what I did:
-put back the hostname in CAPITAL LETTERS
-generate rsa key
-delete rsa key...in this moment I received:
%SSH-5-DISABLED: SSH 2.0 has been disabled
-change the name in small letters
-generate a new rsa key...in this moment I received:
%SSH-5-ENABLED: SSH 2.0 has been enabled
Now it is working!
Thanks all for support!
Calin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide