09-04-2008 12:52 AM
Hello!
I have a strange behavior related to Cisco SSH configuration. I did:
"crypto key generate rsa" and chose 1024,
enabled "transport input ssh" under the vty lines, and when I want to connect I am getting disconnected. The debug is below:
Sep 4 08:49:09 UTC: SSH1: starting SSH control process
Sep 4 08:49:09 UTC: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Sep 4 08:49:09 UTC: SSH1: protocol version id is - SSH-2.0-OpenSSH_4.7
Sep 4 08:49:09 UTC: SSH2 1: send: len 280 (includes padlen 4)
Sep 4 08:49:09 UTC: SSH2 1: SSH2_MSG_KEXINIT sent
Sep 4 08:49:10 UTC: SSH2 1: ssh_receive: 792 bytes received
Sep 4 08:49:10 UTC: SSH2 1: input: packet len 792
Sep 4 08:49:10 UTC: SSH2 1: partial packet 8, need 784, maclen 0
Sep 4 08:49:10 UTC: SSH2 1: input: padlen 8
Sep 4 08:49:10 UTC: SSH2 1: received packet type 20
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXINIT received
Sep 4 08:49:10 UTC: SSH2: kex: client->server aes128-cbc hmac-md5 none
Sep 4 08:49:10 UTC: SSH2: kex: server->client aes128-cbc hmac-md5 none
Sep 4 08:49:10 UTC: SSH2 1: expecting SSH2_MSG_KEXDH_INIT
Sep 4 08:49:10 UTC: SSH2 1: ssh_receive: 144 bytes received
Sep 4 08:49:10 UTC: SSH2 1: input: packet len 144
Sep 4 08:49:10 UTC: SSH2 1: partial packet 8, need 136, maclen 0
Sep 4 08:49:10 UTC: SSH2 1: input: padlen 5
Sep 4 08:49:10 UTC: SSH2 1: received packet type 30
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXDH_INIT received
Sep 4 08:49:10 UTC: SSH2 1: RSA_sign: private key not found
Sep 4 08:49:10 UTC: SSH2 1: signature creation failed, status -1
Sep 4 08:49:10 UTC: SSH1: Session disconnected - error 0x00
I did "crypto key zeroize rsa" and reconfigured, but still the same behavior.
Do you have any idea why?
Thanks!
Cheers,
Calin
09-04-2008 02:18 AM
Calin,
The error appears to be the method you are using to ssh to the device:-
Sep 4 08:49:10 UTC: SSH2 1: RSA_sign: private key not found
I suggest you try using an SSH client like PuTTY:-
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
HTH
09-04-2008 02:35 AM
Hi!
Trust me, I would be more than happy to be able to use PuTTY or another SSH client, but unfortunately I cannot. The management machine is a text Linux OS... so I'm stuck with this for the moment.
Any other ideas are welcome!
Thanks and cheers,
Calin
09-04-2008 02:38 AM
Sorry - not a Linux guru!
09-04-2008 04:42 AM
I found the solution!
So, the person who worked on this switch before me did the following:
-changed the hostname from CAPITAL LETTERS to small letters
-generated a new rsa key
-SSH stopped working because SSH was never disabled for the hostname with CAPITAL LETTERS
What I did:
-put the hostname back in CAPITAL LETTERS
-generated an rsa key
-deleted the rsa key... at this moment I received:
%SSH-5-DISABLED: SSH 2.0 has been disabled
-changed the name to small letters
-generated a new rsa key... at this moment I received:
%SSH-5-ENABLED: SSH 2.0 has been enabled
Now it is working!
Thanks all for support!
Calin
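
Added example, not part of any post in this thread: a small Python triage of the debug output from the first post, showing that the handshake stops when the switch tries to sign the key exchange with its own RSA host key, which is the server-side key problem the final post resolved. The function name `triage` and the verdict strings are assumptions made for this illustration.

```python
import re

# Debug lines copied from the first post of this thread (packet-length lines omitted).
SAMPLE = """\
Sep 4 08:49:09 UTC: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Sep 4 08:49:09 UTC: SSH1: protocol version id is - SSH-2.0-OpenSSH_4.7
Sep 4 08:49:09 UTC: SSH2 1: SSH2_MSG_KEXINIT sent
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXINIT received
Sep 4 08:49:10 UTC: SSH2: kex: client->server aes128-cbc hmac-md5 none
Sep 4 08:49:10 UTC: SSH2 1: SSH2_MSG_KEXDH_INIT received
Sep 4 08:49:10 UTC: SSH2 1: RSA_sign: private key not found
Sep 4 08:49:10 UTC: SSH2 1: signature creation failed, status -1
Sep 4 08:49:10 UTC: SSH1: Session disconnected - error 0x00
"""

TAG = re.compile(r"UTC: SSH\d*(?: \d+)?: (.*)$")      # strips timestamp and session tag
KEX = re.compile(r"kex: client->server (\S+) (\S+)")  # negotiated cipher and MAC

def triage(debug_text):
    """Report how far the handshake got and which side stopped it."""
    r = {"peer_id": None, "cipher": None, "mac": None,
         "stages": [], "verdict": "no failure seen"}
    for line in debug_text.splitlines():
        m = TAG.search(line)
        if not m:
            continue
        msg = m.group(1)
        k = KEX.search(msg)
        if msg.startswith("protocol version id is - "):
            r["peer_id"] = msg.split(" - ", 1)[1]
        elif k:
            r["cipher"], r["mac"] = k.groups()
        elif msg.endswith("MSG_KEXINIT received"):
            r["stages"].append("KEXINIT")
        elif msg.endswith("MSG_KEXDH_INIT received"):
            r["stages"].append("KEXDH_INIT")
        elif "RSA_sign: private key not found" in msg:
            # The server signs the key exchange with its own host key, so this
            # failure is on the device, before any user authentication.
            r["stages"].append("SIGN_FAILED")
            r["verdict"] = "server host key missing"
        elif msg.startswith("Session disconnected") and r["verdict"] == "no failure seen":
            r["verdict"] = "disconnected, cause not in these lines"
    return r

if __name__ == "__main__":
    print(triage(SAMPLE))
```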