Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problem logging into router after SSH

I have two 1811 routers wherein I have setup SSH.  Everything went well on both.  This is the first time I've decided to do SSH and/or better security.  Both are not-yet-production.

I went home Friday with everything working fine.  I come back in Monday and decide to login to both.  The first was fine and I got in ok.  The 2nd, however, gave me a "connection refused" error from putty.  I kept trying and finally roll-over cabled into it.  I could find nothing wrong and I got in fine via rollover.

I finally saved the config and powered-all-the-way down and then back up.  This allowed me in fine.

Question: I am concerned about doing the rest of my production routers with SSH as I've never had this problem before, and would hate to have to cold start a router in production in order to  get into it.

Am I being silly or missing something?

4 REPLIES
VIP Super Bronze

Problem logging into router after SSH

You usually don't need to reboot to login via SSH.  It could be bug in the IOS that resolved it temporarily.  Next time, if you have the same issue try using a different terminal emulator like Tera Term or SecureCRT.  SecureCRT is not free.

HTH

Re: Problem logging into router after SSH

Hello

Could you post your config and also

sh ip ssh

Res
Paul

Sent from Cisco Technical Support iPad App

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Re: Problem logging into router after SSH

Connection refused can mean all the lines are in use. Possibly, you have only configured one VTY line, and didn't disocnnect the previous sesison correclty. hence it refused your new attempt.

I would do this:

line vty 0 4

exec-timeout 20 0

transport input ssh

this will allow 5 connections ( 0 through 4), and will automaitcally close them after 20 minutes of inactivity and will refuse any telnet attempts.

New Member

Problem logging into router after SSH

How many bits did you use to generate the crypto key rsa?

I had a issue just like that, i was using 512, then re-generate the crypto key with 1024, then everything went ok

"The recommended minimum modulus size is 1024 bits."

http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfssh.html

Regards

130
Views
0
Helpful
4
Replies