06-27-2007 02:19 PM
Hi all.
Im trying to login to my switch via ssh from a unix term (OS X) but i fail. Tried this:
ssh admin@10.0.5.140
ssh -c des -l admin 10.0.5.140
None workes. Turned on debugging and found:
000247: 3d23h: SSH1: sent protocol version id SSH-1.99-Cisco-1.25
000248: 3d23h: SSH1: protocol version id is - SSH-2.0-OpenSSH_4.5
000249: Jun 27 22:01:19: %SSH-5-SSH2_SESSION: SSH2 Session request from 10.0.5.140 (tty = 1) using crypto cipher 'aes128-cbc', hmac 'hmac-md5' Succeeded
000250: Jun 27 22:01:26: %SSH-5-SSH2_USERAUTH: User '' authentication for SSH2 Session from 10.0.5.140 (tty = 1) using crypto cipher 'aes128-cbc', hmac 'hmac-md5' Failed
000251: Jun 27 22:01:26: %SSH-5-SSH2_CLOSE: SSH2 Session from 10.0.5.140 (tty = 1) for user '' using crypto cipher 'aes128-cbc', hmac 'hmac-md5' closed
000252: 3d23h: SSH1: Session disconnected - error 0x00
It seems that the switch didn't catch my username but i can't figure out why. All help apreciated.
Thx.
p
06-27-2007 03:47 PM
"ssh -l cse 10.32.15.1" works for me from OS X 10.4.10. What does your switch config look like? What version of IOS are you running?
06-27-2007 10:15 PM
Hi, thx for replying.
I have the latest crypto for 3560, 12.2.25:
Cisco IOS Software, C3560 Software (C3560-IPBASEK9-M), Version 12.2(25)SEE3, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Thu 22-Feb-07 15:39 by myl
Image text-base: 0x00003000, data-base: 0x00FF46A8
ROM: Bootstrap program is C3560 boot loader
BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(25r)SEE4, RELEASE SOFTWARE (fc1)
switch_vaning-5 uptime is 4 days, 7 hours, 31 minutes
System returned to ROM by power-on
System restarted at 00:41:15 CET Sun Jun 24 2007
System image file is "flash:c3560-ipbasek9-mz.122-25.SEE3/c3560-ipbasek9-mz.122-25.SEE3.bin"
Heres my cfg except for the ports:
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime
no service password-encryption
service sequence-numbers
!
hostname switch_vaning-5
!
logging count
no logging monitor
enable secret xxx
enable password xxxxx
!
username xxx privilege 15 secret xxx
username giobbi privilege 15 password 0 xxxxx
no aaa new-model
clock timezone CET 1
clock summer-time CET recurring last Sun Mar 2:00 last Sun Oct 3:00
vtp mode transparent
ip subnet-zero
no ip domain-lookup
ip domain-name fb.se
ip name-server 10.0.5.246
!
ip ftp username xxx
ip ftp password xxxxx
ip ssh logging events
interface Vlan1
ip address 10.0.5.218 255.255.255.0
no ip route-cache
!
ip default-gateway 10.0.5.1
ip classless
ip http server
ip http secure-server
!
logging facility local2
logging 10.0.8.184
snmp-server community orvis RO
!
control-plane
!
!
line con 0
line vty 0 4
password xxxx
no login
length 0
line vty 5 15
password xxxxx
no login
!
!
monitor session 1 source interface Gi0/21
monitor session 1 destination interface Gi0/18
ntp clock-period 36029386
ntp server 17.x.0.28 key 0 prefer
end
Running same OS X as you.
Thanks!!
p
06-27-2007 10:26 PM
You're missing a few bits to the config. First, you need an admin username. Next, you need to enable aaa new-model, and add something like:
aaa authentication login default local
Finally, you need to generate your crypto key on the switch:
crypto key generate rsa
06-28-2007 11:51 PM
Great!
Work like a charm. Now i just have to make my new-added admin to work.
: )
Many thx.
03-15-2017 05:24 PM
Hi Joe,
I have all config mentioned on above blog on one of our 3560, still I am not able to login. Can you please help me on this.
sh ver
Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(55)SE3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Thu 05-May-11 15:57 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x02800000
sh runn | in aaa
aaa new-model
aaa authentication login default local
aaa session-id common
sh runn | be vty
line vty 0 4
transport input ssh
line vty 5 15
transport input ssh
!
end
and have crypto key generate rsa enabled on switch.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide