Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1462
Views
0
Helpful
3
Replies

6500 VSS crashed

mj11
Level 3
Level 3

‎09-06-2010 03:46 PM - edited ‎03-06-2019 12:51 PM

Hi All

I was wondering if anyone was able to help with the following: I have a pair of 6500 in VSS mode, the active 6500 crashed and the second unit has taken over as expected. Now I am unable to SSH to the active VSS member. The switches are running 12.2(33)SXI3. I had thought maybe the crash was part of the problem, is there a tool on the Cisco site to see the bug that caused the crash, as this says it was a software forced crash.

%Software-forced reload


Breakpoint exception, CPU signal 23, PC = 0x42734E38

Traceback= 41BBD3FC 41BBF094 41BBF51C 41358338 41358324

Also I am seeing the following in the LOG:

SSH2 0: RSA_sign: private key not found

SSH2 0: signature creation failed, status -1

Regards MJ

Labels:
0 Helpful
3 Replies 3

Reza Sharifi
Hall of Fame
Hall of Fame

‎09-06-2010 03:56 PM

Hi MJ,

There is well know bug in SXI3 with SSH key corruption and when the box in upgraded and/or crashed the SSH FQDN in lost.  I would open a TAC case immediately so Cisco can keep track of it.  If you have a lab and can test SXI4a test it and upgrade.

HTH

Reza

0 Helpful

mj11
Level 3
Level 3
In response to Reza Sharifi

‎09-06-2010 04:03 PM

Hi Reza

Thanks for the response, unfortunately I am not able to test the new image. I am running the SXI3 as this is safe harbour and would like to stay on the safe harbour releases. I think SXI4 will be the next safe harbour release but will check with Cisco.

Regards MJ

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to mj11

‎09-06-2010 04:20 PM

Hi MJ,

This is strictly my opinion, but to me safe harbor release does not proof anything.  All of these images are brand new and I have no idea how Cisco can make a code "safe harbor" when it is it only a few months old with limited use.    As matter of fact, at one point, a few months ago SXI2 was "safe harbor" but the next thing you know it was differed, because of major bug issues and crashes.

Here are a couple of know bugs in SXI3 that was resolved in SXI4 and 4a.

HTH

Reza

* CSCsh51293-Resolved in 12.2(33)SXI4

The Secure Shell server (SSH) implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users the ability to generate a spurious memory access error or, in certain cases, reload the device.

* CSCsg65318-Resolved in 12.2(33)SXI4

Symptoms: Malformed SSH version 2 packets may cause a memory leak.

Conditions: This symptom is observed on a Cisco platform configured for SSH version 2 after it has received malformed SSHv2 packets. The impact of this flaw is that the affected platform may operate in a degraded condition. Under rare circumstances it may reload to recover itself.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card