SSH Issue - urgent Help

Unanswered Question
May 13th, 2009

We have configured all the devices to be accessesd via SSH only, but today we can't SSH on any off our devices, all the devices andnetwork connections are fine.

Any idea why this could be.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darkbeatzz Wed, 05/13/2009 - 05:02

can you http to them or is that not allowed? you would need to supply some debug info

nico.bakker Wed, 05/13/2009 - 11:15

Did you add a domain name and generated an rsa key after that?

Some hints:

- Your hostname should not be the default name "Router"

- First add a domain-name (needed to generate the key)

my-router(config)#ip domain name mydomain

- Then generate a crypto key. I used 1024 bits in this example

my-router(config)#crypto key generate rsa

The name for the keys will be: my-router.mydomain

Choose the size of the key modulus in the range of 360 to 2048 for your

General Purpose Keys. Choosing a key modulus greater than 512 may take

a few minutes.

How many bits in the modulus [512]: 1024

% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

#############: %SSH-5-ENABLED: SSH 1.99 has been enabled


Patrick Laidlaw Wed, 05/13/2009 - 18:21

Did someone push an access-class list to all of your vty ports?

Were you ever able to ssh to these devices?

Did someone change your AAA login method?

Did you use AAA radius or tacacs if so did something happen to it? My money is on this one.

patel.nishit Thu, 05/14/2009 - 00:31

There is no ACL configured on the devices and only local AAA is configured to authenticate local password for SSH.

Patrick Laidlaw Thu, 05/14/2009 - 09:45

Did you verify that the username and password are still on the device?

A "debug aaa authentication" and "debug ip ssh" would be really useful.

If you want answers provide those and I'm sure the group would be able to help you much easier.


This Discussion