Re: SSH client access

saeed.ahmed · ‎01-23-2007

Hi..

I need help regading ssh connection.

I have configured my router to accept ssh connection. domain name, user/passwd,enable pwd,vty pwd,ip address to be allowed are all done and last the rsa keys(1024) have been generated. In vty line i have mentioned transport input telnet ssh (telnet being optional for safeside)...when i try to establish connection thru putty, the router does not accept the passwords.The debugs show the following output..

SSH0: invalid old access type configured - 0x01

SSH0: SSH_SMSG_FAILURE message sent

sachinraja · ‎01-23-2007

Hello Saeed,

I guess the SSH client is trying to login to the router, but there are no login credentials available or configured on the router...Just to note, the router will not consider the telnet password for SSH.. for SSH you need to give a login local or login tacacs on the config.. Do you have a tacacs server??

If not, try putting "login local" on the vty config, configure a username/password and then do SSH. it should work !!!!

Hope this helps.. all the best.. rate replies if found useful..

Regards

Raj

saeed.ahmed · ‎01-24-2007

You just hit a sixer Sachin...

Thanx man..my config only had "login" no local was mentioned besides it..

Your tip appreciated...take care..

saeed.ahmed · ‎01-24-2007

Sachin....theres one more prob...

i'm trying to enable ssh on my pix recently upgraded to v7.2

but same problem..nto able to access

these things r also set..

username hashmi pass xyz

passwd abc

enable pass: jkl

...debug output shows the following..

SSH0: authentication request for userid hashmi

SSH(hashmi): user authen method is 'no AAA', aaa server group ID = 0

SSH0: invalid userid hashmi

SSH0: send SSH message: SSH_SMSG_FAILURE (15)

SSH0: receive SSH message: SSH_CMSG_AUTH_PASSWORD (9)

SSH0: send SSH message: SSH_SMSG_FAILURE (15)

SSH0: receive SSH message: SSH_CMSG_USER (4)

SSH0: invalid SSH message: SSH_CMSG_USER (4) expecting password from client

SSH0: authentication failed for hashmi

SSH0: send SSH message: SSH_MSG_DISCONNECT (1)

SSH0: Session disconnected by SSH server - error 0x01 "Invalid message type"

saeed.ahmed · ‎01-24-2007

Sachin....theres one more prob...

i'm trying to enable ssh on my pix recently upgraded to v7.2

but same problem..nto able to access

these things r also set..

username hashmi pass xyz

passwd abc

enable pass: jkl

...debug output shows the following..

SSH0: authentication request for userid hashmi

SSH(hashmi): user authen method is 'no AAA', aaa server group ID = 0

SSH0: invalid userid hashmi

SSH0: send SSH message: SSH_SMSG_FAILURE (15)

SSH0: receive SSH message: SSH_CMSG_AUTH_PASSWORD (9)

SSH0: send SSH message: SSH_SMSG_FAILURE (15)

SSH0: receive SSH message: SSH_CMSG_USER (4)

SSH0: invalid SSH message: SSH_CMSG_USER (4) expecting password from client

SSH0: authentication failed for hashmi

SSH0: send SSH message: SSH_MSG_DISCONNECT (1)

SSH0: Session disconnected by SSH server - error 0x01 "Invalid message type"

sachinraja · ‎01-24-2007

Hello saeed,

can u send me the configs pls ? u can remove ip address/passwords etc and send it.. probably whichever is related to SSH ?

Raj

saeed.ahmed · ‎01-25-2007

Hi..

Sachin the prob got resolved...actually i was missing a keyword of Local instead of Tacacs+. It was looking for tacacs and not the local database whereae my tacacs was not available...Anywayz thanx for the help and i'll be looking forward to you for some other tips time to time..take care..

Regards

Bharat Kumar