SSH login failure - ssh_init process?

jharms1978
Level 1

Hi All,

I have an ASA which I am unable to log in to via SSH, although I have been able to previously.

I SSH into the firewall and the TCP connection is created, but it is instantly brought down by a TCP RST packet after the 3-way handshake is complete (per a packet capture).

I am able to successfully telnet into the firewall.

I have deleted and re-created the RSA keys without luck. The normal SSH <ip address> lines are in the config for my source network.

The following line appears in the logs and validates my packet sniff:

%ASA-6-302014: Teardown TCP connection 401094 for LAV-LAN:10.0.55.71/3672 to NP Identity Ifc:10.0.13.202/22 duration 0:00:00 bytes 0 TCP Reset-I

I have not rebooted the FW as yet, as it is a 24-hour site and even a 5 min reboot is an issue, as there is no failover etc.

I did notice that there are numerous (i.e. 5) ssh_init processes running when there are no SSH sessions open (per "sh ssh sessions").

Is anyone aware of a bug which may be causing this? There have been some relating to ssh but the release notes are not big on detail. This firewall is running "Cisco Adaptive Security Appliance Software Version 7.0(5)"

Cheers

JH

2 Replies

jmayes
Level 1

Have you changed ssh clients? ASA supports SSH v1 and v2.

Also, if you have ASDM up, what messages occur during the SSH negotiation?

I have tried two SSH clients and I specifically forced the use of both v1 and v2 with no luck as well as auto.

I don't use ASDM - however the log entry above was from "sh logg asdm" which I assume is the logs which get given to the asdm client.

Cheers

JH
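
The teardown message quoted in the original post can be pulled out of a larger log to see how many SSH connections to the firewall itself are being reset before any data is exchanged. The following is an added example, not part of the thread and not Cisco code; the function names are hypothetical, and every sample line except the first is constructed for illustration.

```python
import re
from collections import Counter

# Field layout of the %ASA-6-302014 message as it appears in the post.
TEARDOWN = re.compile(
    r"%ASA-6-302014: Teardown TCP connection (?P<conn>\d+) for "
    r"(?P<src_if>.+?):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) to "
    r"(?P<dst_if>.+?):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) "
    r"duration (?P<dur>\d+:\d\d:\d\d) bytes (?P<bytes>\d+)\s*(?P<reason>.*)$"
)

SAMPLE_LOG = [
    # Line quoted in the post.
    "%ASA-6-302014: Teardown TCP connection 401094 for LAV-LAN:10.0.55.71/3672 to NP Identity Ifc:10.0.13.202/22 duration 0:00:00 bytes 0 TCP Reset-I",
    # Constructed lines below, for illustration only.
    "%ASA-6-302013: Built inbound TCP connection 401101 for LAV-LAN:10.0.55.71/3675 (10.0.55.71/3675) to NP Identity Ifc:10.0.13.202/22 (10.0.13.202/22)",
    "%ASA-6-302014: Teardown TCP connection 401101 for LAV-LAN:10.0.55.71/3675 to NP Identity Ifc:10.0.13.202/22 duration 0:00:00 bytes 0 TCP Reset-I",
    "%ASA-6-302014: Teardown TCP connection 401120 for LAV-LAN:10.0.55.71/3680 to NP Identity Ifc:10.0.13.202/23 duration 0:04:12 bytes 5310 TCP FINs",
    "%ASA-6-302014: Teardown TCP connection 401130 for LAV-LAN:10.0.55.80/4021 to outside:192.0.2.10/22 duration 0:00:00 bytes 0 TCP Reset-O",
]

def parse_teardown(line):
    """Return the fields of a 302014 teardown line as a dict, or None."""
    m = TEARDOWN.search(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    h, mi, s = (int(p) for p in rec["dur"].split(":"))
    rec["seconds"] = h * 3600 + mi * 60 + s
    for key in ("conn", "src_port", "dst_port", "bytes"):
        rec[key] = int(rec[key])
    return rec

def instant_mgmt_resets(lines, port=22, box_if="NP Identity Ifc"):
    """Count, per source IP, connections to the firewall itself on `port` that
    were reset after 0 seconds with 0 bytes, the pattern shown in the post."""
    hits = Counter()
    for line in lines:
        rec = parse_teardown(line)
        if (rec and rec["dst_if"] == box_if and rec["dst_port"] == port
                and rec["bytes"] == 0 and rec["seconds"] == 0
                and rec["reason"].startswith("TCP Reset")):
            hits[rec["src_ip"]] += 1
    return hits

if __name__ == "__main__":
    for src, n in instant_mgmt_resets(SAMPLE_LOG).items():
        print(f"{src}: {n} SSH connection(s) reset before any data was exchanged")
```

Passing `port=23` applies the same check to Telnet, which gives a quick comparison against the management protocol that still works.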
