RE: ssh problem

From: Ian Stong (istong@stong.org)
Date: Mon May 26 2003 - 14:14:57 GMT-3

• Next message: Connie Nie: "RE: ssh problem"
• Previous message: Rick: "Huge LAB for sale in the DC/ Virginia area Must see!"
• Maybe in reply to: James Bone: "ssh problem"
• Next in thread: Connie Nie: "RE: ssh problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi James,

I setup your scenarios on my www.ccie4u.com terminal server and was able
to ssh in using securecrt as the client. I suspect it's related to your
authentication and not ssh itself. I'm using AAA which you may want to
try adding to get it to work.

aaa new-model
aaa authentication login default local
aaa authentication login line none
aaa authentication login vty local
aaa authentication login exec enable
aaa authorization exec default local
aaa authorization commands 1 default local
aaa accounting update newinfo
!
username ccie privilege 1 password 7 542df425gh56a223

Here is the ssh debug when it works

May 26 13:08:45.019 EDT: SSH0: starting SSH control process
May 26 13:08:45.023 EDT: SSH0: sent protocol version id
SSH-1.5-Cisco-1.25
May 26 13:08:45.523 EDT: SSH0: protocol version id is - SSH-1.5-1.0
May 26 13:08:45.531 EDT: SSH0: SSH_SMSG_PUBLIC_KEY msg
May 26 13:08:46.027 EDT: SSH0: SSH_CMSG_SESSION_KEY msg - length 112,
type 0x03
May 26 13:08:46.031 EDT: SSH: RSA decrypt started
May 26 13:08:52.655 EDT: SSH: RSA decrypt finished
May 26 13:08:52.659 EDT: SSH: RSA decrypt started
May 26 13:08:56.959 EDT: SSH: RSA decrypt finished
May 26 13:08:57.059 EDT: SSH0: sending encryption confirmation
May 26 13:08:57.067 EDT: SSH0: keys exchanged and encryption on
May 26 13:09:05.207 EDT: SSH0: SSH_CMSG_USER message received
May 26 13:09:05.211 EDT: SSH0: authentication request for userid ccie
May 26 13:09:05.219 EDT: SSH0: SSH_SMSG_FAILURE message sent
May 26 13:09:08.207 EDT: SSH0: SSH_CMSG_AUTH_PASSWORD message received
May 26 13:09:08.215 EDT: SSH0: authentication successful for ccie
May 26 13:09:08.659 EDT: SSH0: setting packet size 4096
May 26 13:09:09.175 EDT: SSH0: requesting TTY
May 26 13:09:09.179 EDT: SSH0: setting TTY - requested: length 41, width
80; set
: length 41, width 80
May 26 13:09:09.659 EDT: SSH0: SSH_CMSG_EXEC_SHELL message received

Thanks,

Ian
www.ccie4u.com
Rack Rentals and Lab Scenarios starting at $20

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
James Bone
Sent: Monday, May 26, 2003 11:47 AM
To: ccielab@groupstudy.com
Subject: ssh problem

Hi Group,
 
I'm trying to get ssh running on my test terminal server 2511 but to no
avail. The IOS is 12.1(5)T9. I'm using secureCRT as the client. I have
no problem when using secureCRT to telnet to the router. There's no ACL
on the router. I thought its secureCRT
 so I tried teraterm pro but the same result. I appreciate any
suggestions or inputs.
 
Thanks in advance.
James
 
SecureCRT settings:*************************************
Protocol: ssh1
Username: ccie
Ciphere: DES
Authentication: Password
 
Relevant Router Configuration****************************
 
r2# username ccie password cisco
r2# ip domain-name ccie.com
r2(config)# crypto key generate rsa (using 550 bits)
 
line vty 0 4
 password cisco
 login
 transport input ssh
 
Show output********************************
r2#sh ip ssh
SSH Enabled - version 1.5
Authentication timeout: 120 secs; Authentication retries: 3
 
Debug output*******************************
 
r2#debug ip ssh
Incoming SSH debugging is on
r2#
01:04:44: SSH0: starting SSH control process
01:04:44: SSH0: sent protocol version id SSH-1.5-Cisco-1.25
01:04:44: SSH0: protocol version id is - SSH-1.5-1.0
01:04:44: SSH0: SSH_SMSG_PUBLIC_KEY msg
01:04:45: SSH0: SSH_CMSG_SESSION_KEY msg - length 112, type 0x03
01:04:45: SSH: RSA decrypt started
01:04:52: SSH: RSA decrypt finished
01:04:52: SSH: RSA decrypt started
01:04:55: SSH: RSA decrypt finished
01:04:55: SSH0: sending encryption confirmation
01:04:55: SSH0: keys exchanged and encryption on
01:04:56: SSH0: SSH_CMSG_USER message received
01:04:56: SSH0: authentication request for userid ccie
01:04:56: SSH0: invalid old access type configured - 0x01
01:04:56: SSH0: SSH_SMSG_FAILURE message sent
01:04:56: SSH0: SSH_SMSG_FAILURE message sent
01:05:13: SSH0: SSH_SMSG_FAILURE message sent
01:05:18: SSH0: authentication failed for ccie (code=1)
01:05:18: SSH0: Session disconnected - error 0x09

---------------------------------
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.

• Next message: Connie Nie: "RE: ssh problem"
• Previous message: Rick: "Huge LAB for sale in the DC/ Virginia area Must see!"
• Maybe in reply to: James Bone: "ssh problem"
• Next in thread: Connie Nie: "RE: ssh problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:48 GMT-3