concurrent ssh connections

Unanswered Question
Feb 18th, 2010

Have a question concerning concurrent ssh connections.


I've setup ssh access into a Cat 6513.


line vty 0 - 15 have the transport input/output set to telnet ssh


however, when i launch an ssh connection to an interface on the 6513, any subsequent connection that is made to that interface appears to lock out/disconnect the previous connection made...


have I missed something in the ssh setup process?


Bruce

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Bruce Summers Thu, 02/18/2010 - 06:38

i can yes, but i have already verified that vty's 0 - 15 are configured for ssh


line vty 0 4
exec-timeout 0 0
login local
transport preferred none
transport input ssh
line vty 5 15
exec-timeout 0 0
login local
transport preferred none
transport input ssh

Bruce Summers Thu, 02/18/2010 - 06:51

here's a twist to the problem...


I configured vty 0 15 for both telnet and ssh


i can telnet to the device with concurrent connections using the same interface, but not ssh...


thanks


Bruce

glen.grant Thu, 02/18/2010 - 07:54

  You should be able to have multiple ssh sessions into the box with no problems .  I see you have the exec-timeout as 0 , make sure all your sessions aren't being tied up by sessions that are no longer live,  it should be something like 15 or 30 minutes for exec-timeout .   Config looks ok .

Bruce Summers Thu, 02/18/2010 - 08:08

yes,


the exec time out setting i changed this morning, just to see what affect it would have...and negative on the "no longer connected sessions".


No SSHv1 server connections running.
No SSHv2 server connections running.


(I was telnet'd into the box running the sho ssh command)


Bruce

xcz504d1114 Thu, 02/18/2010 - 08:30

That output of your show SSH, indicates your SSH is not properly running, do a "show ip ssh" does it say something about "Please create RSA keys" or something of the sort?


You also may need to wipe and recreate the RSA key, here are procedures for doing that, please make sure to read the caution warning:


http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#tbs

Bruce Summers Thu, 02/18/2010 - 09:13

thanks for the post.


sho ip ssh
SSH Enabled - version 2.0
Authentication timeout: 90 secs; Authentication retries: 3

output from sho ip ssh...


RSA keys are certainly generated, or i wouldnt be able to make the first connection, I wouldnt think...


when i dumped the sho ssh, i wasnt connected to the device via ssh, i used a telnet session...thus, the no server connections.


It may have something to do with the interface...as a test, I have another interface in which i can ssh into the device on...


if i ssh into the device on 2 separate interfaces, to problem...but, 2 concurrent connections, to the same interface, no joy...


bruce

Actions

This Discussion