ASA upgrade and SSH

Unanswered Question
Sep 29th, 2008
User Badges:

Hi all. I just upgraded an ASA5505 that I had SSH access to, from the outside interface. I just did a IOS upgrade on it to 8.0 and how I cant SSH into it anymore. I can vpn in, but cant SSH. Does it change something when an upgrade is done so that you have to redo the SSH portion again?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Matthew Warrick Tue, 09/30/2008 - 08:32
User Badges:

Assuming you have the proper access-list in place I'd re-generate the SSH key pair and check the version of SSH your client software is using, i.e. 1 or 2, and make sure your encryption threshold isn't set higher than your firewall license supports, i.e. firewall only has a 3DES license and your client software is trying to force AES.

cisco24x7 Tue, 09/30/2008 - 10:19
User Badges:
  • Silver, 250 points or more
jjoseph01 Tue, 09/30/2008 - 19:50
User Badges:

Yeah, Im pretty sure its not my ssh client trying to force AES. As I stated earlier, I was able to SSH in before the upgrade.

With that said, I am now able to get to the ASA via SSH. Not sure what happened, but a little while later, I was able to get into it without issue. Again, I dont know exactly what happened, but its working again. Thanks.


This Discussion