I've got a few SG300-52 small business switches running software version 18.104.22.168 which I configured for ssh management access with public key authentication via:
ip ssh server
ip ssh pubkey-auth auto-login
username mgmt password ... privilege 15
crypto key pubkey-chain ssh
user-key mgmt rsa
This is working fine if I connect interactively from my management system with:
ssh -i mgmt_id_rsa [email protected]
where mgmt_id_rsa is the name of a file containing the private key.
I get a privileged command prompt as intended, without being asked for a password.
However if I try to pass a command on the ssh command line like this:
ssh -i mgmt_id_rsa [email protected] show version
the command just hangs until I hit the Enter key a second time, and then emits the strange message:
Received disconnect from 10.11.12.13: 2:
A client is already connected
(Exactly like that, including the line break after the "2:" and the blank before "A client".)
This is unfortunate as the objective is to send commands to the switch from a script.
The same happens if I pipe the command I want to send into ssh like this:
echo show version | ssh -i mgmt_id_rsa [email protected]
except the error message appears immediately and I don't have to hit Enter a second time.
Looks like I hit another bug in Cisco's ssh implementation? Any idea for a workaround?