https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132153#M78770 <HTML><HEAD></HEAD><BODY><P>you must have has specified some ssh known hosts in ips.</P><P></P><P>ips logs into these devices via ssh and puts a shun.</P><P></P><P>#####</P><P></P><P>as idm is not able to retrieve this info.,I would look intp the service sshknownhosts from cli :</P><P></P><P>IPS-4240-Security# sh config</P><P>! ------------------------------</P><P>! Current configuration last modified Tue Sep 16 16:35:23 2008</P><P>! ------------------------------</P><P>! Version 6.1(1)</P><P>! Host:</P><P>! Realm Keys key1.0</P><P>! Signature Definition:</P><P>! Signature Update S329.0 2008-04-16</P><P>! Virus Update V1.2 2005-11-24</P><P>! ------------------------------</P><P>service interface</P><P>physical-interfaces GigabitEthernet0/0</P><P>admin-state enabled</P><P>subinterface-type none</P><P>exit</P><P>exit</P><P>! ------------------------------</P><P>service authentication</P><P>exit</P><P>! ------------------------------</P><P>service event-action-rules rules0</P><P>overrides deny-packet-inline</P><P>override-item-status Enabled</P><P>risk-rating-range 70-100</P><P>exit</P><P>exit</P><P>! ------------------------------</P><P>service host</P><P>network-settings</P><P>host-ip 192.168.16.17/25,192.168.16.1</P><P>host-name IPS-4240-Security</P><P>telnet-option enabled</P><P>access-list 0.0.0.0/0</P><P>exit</P><P>time-zone-settings</P><P>offset 330</P><P>standard-time-zone-name GMT+05:30</P><P>exit</P><P>auto-upgrade</P><P>cisco-server disabled</P><P>exit</P><P>exit</P><P>! ------------------------------</P><P>service logger</P><P>exit</P><P>! ------------------------------</P><P>service network-access</P><P>exit</P><P>! ------------------------------</P><P>service notification</P><P>exit</P><P>! ------------------------------</P><P>service signature-definition sig0</P><P>exit</P><P>! ------------------------------</P><P>service ssh-known-hosts</P><P>exit</P><P>! ------------------------------</P><P>service trusted-certificates</P><P>exit</P><P>! ------------------------------</P><P>service web-server</P><P>exit</P><P>! ------------------------------</P><P>service anomaly-detection ad0</P><P>exit</P><P>! ------------------------------</P><P>service external-product-interface</P><P>exit</P><P>! ------------------------------</P><P>service health-monitor</P><P>exit</P><P></P><P>IPS-4240-Security# conf t</P><P>IPS-4240-Security(config)# service ssh-known-hosts</P><P>IPS-4240-Security(config-ssh)# ?</P><P>default Set the value back to the system default setting.</P><P>exit Exit service configuration mode.</P><P>no Remove an entry or selection setting.</P><P>rsa1-keys SSHPv1.5 RSA public keys of known hosts</P><P>show Display system settings and/or history information.</P><P>IPS-4240-Security(config-ssh)# ?</P><P>default Set the value back to the system default setting.</P><P>exit Exit service configuration mode.</P><P>no Remove an entry or selection setting.</P><P>rsa1-keys SSHPv1.5 RSA public keys of known hosts</P><P>show Display system settings and/or history information.</P><P>IPS-4240-Security(config-ssh)# default ?</P><P>rsa1-keys Reset rsa1-keyscontents back to default.</P><P>IPS-4240-Security(config-ssh)# rsa1-keys ?</P><P><A.B.C.D> IP address of the remote host</A.B.C.D></P><P>IPS-4240-Security(config-ssh)# default</P><P>% Incomplete command</P><P>IPS-4240-Security(config-ssh)# default ?</P><P>rsa1-keys Reset rsa1-keyscontents back to default.</P><P>IPS-4240-Security(config-ssh)# default rsa1-keys ?</P><P><A.B.C.D> IP address of the remote host</A.B.C.D></P><P><CR></CR></P><P>IPS-4240-Security(config-ssh)#</P><P></P><P></P><P>###########</P><P></P><P>set the system default for the host ip addresses ,for which you have added the ssh keys.</P><P></P><P></P><P>Regards,</P><P>Sushil</P></BODY></HTML> Mon, 22 Sep 2008 14:40:37 GMT suschoud 2008-09-22T14:40:37Z https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132152#M78768 <P>I am trying to connect to a 4255 sensor with IDM,but am unable to do so. I get the following error "Error connecting to sensor.Failed to load sensor.- Error getting config data from the following modules:sshKnownHosts</P><P>Exiting IDM"</P><P></P><P>Anyone know why and how I can fix it?</P> Sun, 10 Mar 2019 11:18:09 GMT https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132152#M78768 ashish-gupta 2019-03-10T11:18:09Z https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132153#M78770 <HTML><HEAD></HEAD><BODY><P>you must have has specified some ssh known hosts in ips.</P><P></P><P>ips logs into these devices via ssh and puts a shun.</P><P></P><P>#####</P><P></P><P>as idm is not able to retrieve this info.,I would look intp the service sshknownhosts from cli :</P><P></P><P>IPS-4240-Security# sh config</P><P>! ------------------------------</P><P>! Current configuration last modified Tue Sep 16 16:35:23 2008</P><P>! ------------------------------</P><P>! Version 6.1(1)</P><P>! Host:</P><P>! Realm Keys key1.0</P><P>! Signature Definition:</P><P>! Signature Update S329.0 2008-04-16</P><P>! Virus Update V1.2 2005-11-24</P><P>! ------------------------------</P><P>service interface</P><P>physical-interfaces GigabitEthernet0/0</P><P>admin-state enabled</P><P>subinterface-type none</P><P>exit</P><P>exit</P><P>! ------------------------------</P><P>service authentication</P><P>exit</P><P>! ------------------------------</P><P>service event-action-rules rules0</P><P>overrides deny-packet-inline</P><P>override-item-status Enabled</P><P>risk-rating-range 70-100</P><P>exit</P><P>exit</P><P>! ------------------------------</P><P>service host</P><P>network-settings</P><P>host-ip 192.168.16.17/25,192.168.16.1</P><P>host-name IPS-4240-Security</P><P>telnet-option enabled</P><P>access-list 0.0.0.0/0</P><P>exit</P><P>time-zone-settings</P><P>offset 330</P><P>standard-time-zone-name GMT+05:30</P><P>exit</P><P>auto-upgrade</P><P>cisco-server disabled</P><P>exit</P><P>exit</P><P>! ------------------------------</P><P>service logger</P><P>exit</P><P>! ------------------------------</P><P>service network-access</P><P>exit</P><P>! ------------------------------</P><P>service notification</P><P>exit</P><P>! ------------------------------</P><P>service signature-definition sig0</P><P>exit</P><P>! ------------------------------</P><P>service ssh-known-hosts</P><P>exit</P><P>! ------------------------------</P><P>service trusted-certificates</P><P>exit</P><P>! ------------------------------</P><P>service web-server</P><P>exit</P><P>! ------------------------------</P><P>service anomaly-detection ad0</P><P>exit</P><P>! ------------------------------</P><P>service external-product-interface</P><P>exit</P><P>! ------------------------------</P><P>service health-monitor</P><P>exit</P><P></P><P>IPS-4240-Security# conf t</P><P>IPS-4240-Security(config)# service ssh-known-hosts</P><P>IPS-4240-Security(config-ssh)# ?</P><P>default Set the value back to the system default setting.</P><P>exit Exit service configuration mode.</P><P>no Remove an entry or selection setting.</P><P>rsa1-keys SSHPv1.5 RSA public keys of known hosts</P><P>show Display system settings and/or history information.</P><P>IPS-4240-Security(config-ssh)# ?</P><P>default Set the value back to the system default setting.</P><P>exit Exit service configuration mode.</P><P>no Remove an entry or selection setting.</P><P>rsa1-keys SSHPv1.5 RSA public keys of known hosts</P><P>show Display system settings and/or history information.</P><P>IPS-4240-Security(config-ssh)# default ?</P><P>rsa1-keys Reset rsa1-keyscontents back to default.</P><P>IPS-4240-Security(config-ssh)# rsa1-keys ?</P><P><A.B.C.D> IP address of the remote host</A.B.C.D></P><P>IPS-4240-Security(config-ssh)# default</P><P>% Incomplete command</P><P>IPS-4240-Security(config-ssh)# default ?</P><P>rsa1-keys Reset rsa1-keyscontents back to default.</P><P>IPS-4240-Security(config-ssh)# default rsa1-keys ?</P><P><A.B.C.D> IP address of the remote host</A.B.C.D></P><P><CR></CR></P><P>IPS-4240-Security(config-ssh)#</P><P></P><P></P><P>###########</P><P></P><P>set the system default for the host ip addresses ,for which you have added the ssh keys.</P><P></P><P></P><P>Regards,</P><P>Sushil</P></BODY></HTML> Mon, 22 Sep 2008 14:40:37 GMT https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132153#M78770 suschoud 2008-09-22T14:40:37Z https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132154#M78772 <HTML><HEAD></HEAD><BODY><P>Hi Sushil,</P><P> Thank you for your reply, but it is not clear what I have to do. </P><P>There is nothing in "service ssh-known-hosts"</P><P></P><P>! ------------------------------ </P><P>service ssh-known-hosts </P><P>exit </P><P>! ------------------------------ </P><P></P><P>Can you explain step by step, what is to be done as I am a newbie </P></BODY></HTML> Tue, 23 Sep 2008 07:28:02 GMT https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132154#M78772 ashish-gupta 2008-09-23T07:28:02Z https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132155#M78773 <HTML><HEAD></HEAD><BODY><P>Sushil,</P><P> I did an "IPS Recovery", and now I can can connect.</P><P>Thank you for your help. Off course I still don't understand why the error though.</P></BODY></HTML> Tue, 23 Sep 2008 09:09:15 GMT https://community.cisco.com/t5/network-security/idm-connection-error/m-p/1132155#M78773 ashish-gupta 2008-09-23T09:09:15Z