Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSH access to PIX

Hello ,

i have a PIX 515 . I have configure SSH access to the outside interface. But if i login the access rejected with the error.

Invalid message type

I have configure a username password with all privileg . The actualy Siftware is the Version 6.2 .

The access with PDM works fine.

anybody an idea ?

thanks

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: SSH access to PIX

First of all you need todo the foillowing

hostname XXXXXXXX

Domain-name XXXXXXXX

passwd XXXXXXX (this is the password used to authenticate Telnet / SSH)

Then you will need to create a RSA key pair

ca generate rsa key 512 (check this command you can mess around with the encryption levels ie 512 or 1204)

Allow Hosts/Networks to ssh to your PIX

ssh #ip address or network# #subnet mask# #interface#

EG

If my external IP address my 1.1.1.1 and I needed to acess your pix you would have to enter the following command

ssh 1.1.1.1 255.255.255.255 outside

If you get prompted for a username try pix, I use scrt very good terminal software.

Thanks

RG

3 REPLIES

Re: SSH access to PIX

Have you entered all these commands on the PIX:

ssh x.x.x.x 255.255.255.255 outside

ssh timeout x

hostname pix

domain-name example.com

ca generate rsa key 1024

If yes, what is your SSH client version, should be 1.x (I use 1.5 and it works).

Hope it helps.

Steve

Re: SSH access to PIX

From cisco:

Invalid message type: The PIX Firewall received a non-SSH message, or an unsupported or unwanted SSH message.

Action: Check whether the peer is an SSH client. If it is a client supporting SSHv1, and this message persists, from the PIX serial console enter the debug ssh command and capture the debug messages. Then contact Cisco TAC.

Steve

New Member

Re: SSH access to PIX

First of all you need todo the foillowing

hostname XXXXXXXX

Domain-name XXXXXXXX

passwd XXXXXXX (this is the password used to authenticate Telnet / SSH)

Then you will need to create a RSA key pair

ca generate rsa key 512 (check this command you can mess around with the encryption levels ie 512 or 1204)

Allow Hosts/Networks to ssh to your PIX

ssh #ip address or network# #subnet mask# #interface#

EG

If my external IP address my 1.1.1.1 and I needed to acess your pix you would have to enter the following command

ssh 1.1.1.1 255.255.255.255 outside

If you get prompted for a username try pix, I use scrt very good terminal software.

Thanks

RG

161
Views
7
Helpful
3
Replies
CreatePlease login to create content