https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177709#M859916 <HTML><HEAD></HEAD><BODY><P>Hi Handsy</P><P></P><P>I did do a debug before your reply and I got:</P><P>SSH2 0: waiting for SSH2_MSG_NEWKEYSSSH0: TCP read failed, error code = 0x86300003 "TCP connection closed"</P><P>SSH0: receive SSH message: [no message ID: variable *data is NULL]</P><P></P><P>SSH2 0: Unexpected mesg type receivedSSH0: Session disconnected by SSH server - error 0x00 "Internal error"</P><P></P><P>... but as it's a/hrs here I thought "stuff it" and rebooted. It is not the first time it has gone down since the weekend tho. Then when I tried my trusty linux SSH I was again denied but this time with the good looking "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" </P><P></P><P>I deleted the key in known_hosts and now I am back in. But I don't understand it as telnet would not work either, now it does of course. </P><P></P><P>I hate 'fixing' things with a reboot ... it's so, like, microsoft <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span> </P><P></P><P>Cheers anyways,</P><P>Mike</P></BODY></HTML> Tue, 12 May 2009 09:04:34 GMT m.surtees 2009-05-12T09:04:34Z https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177707#M859914 <P>Hi all,</P><P></P><P>I'm not sure what's missing here. I moved a FW over the weekend and now only have console access. It's a 5520 running 8.0(3). From the config I have the usual:</P><P></P><P>ssh scopy enable</P><P>ssh 10.x.0.0 255.255.0.0 Axx</P><P>ssh timeout 10</P><P>ssh version 2</P><P>telnet 10.x.0.0 255.255.0.0 Axx</P><P>telnet timeout 120</P><P>management-access Axx </P><P></P><P>- I've zeroized and regenerated the rsa key.</P><P>- The Axx int is up and up and I can ping it from the 10.x.0.0 network. Axx is also the inside interface security-100. Managemnet0/0 is in shutdown</P><P></P><P>The following logs are generated when telneting and ssh respectively (same except for d-port):</P><P></P><P>17:03:03: %ASA-6-302013: Built inbound TCP connection 8100 for ASG:10.x.14.14/1898 (10.x.14.14/1898) to NP Identity Ifc:10.x.109.10/23 (10.x.109.10/23)</P><P>17:03:03: %ASA-6-302014: Teardown TCP connection 8100 for ASG:10.x.14.14/1898 to NP Identity Ifc:10.x.109.10/23 duration 0:00:00 bytes 0 TCP Reset-I</P><P>17:19:41: %ASA-6-302013: Built inbound TCP connection 8270 for ASG:10.x.0.60/33251 (10.x.0.60/33251) to NP Identity Ifc:10.x.109.10/22 (10.x.109.10/22)</P><P>17:19:41: %ASA-6-302014: Teardown TCP connection 8270 for ASG:10.x.0.60/33251 to NP Identity Ifc:10.x.109.10/22 duration 0:00:00 bytes 0 TCP Reset-I</P><P></P><P>From PuTTY I just get "Network error: Software caused connection abort". From OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 I get a "ssh_exchange_identification: read: Connection reset by peer" and back to bash prompt</P><P></P><P>Both these clients worked fine on this FW before the power-down and move and still work on all other ASAs and PIXs and ... Very little luck finding anything on Web.</P><P></P><P>Any help much appreciated</P><P>- Mike</P><P> </P> Mon, 11 Mar 2019 15:30:37 GMT https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177707#M859914 m.surtees 2019-03-11T15:30:37Z https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177708#M859915 <HTML><HEAD></HEAD><BODY><P>Have you enabled 'debug ssh' yet?</P><P>Lots of useful data printed back to screen when attempting login that may help you <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P></BODY></HTML> Tue, 12 May 2009 08:49:43 GMT https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177708#M859915 handsy 2009-05-12T08:49:43Z https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177709#M859916 <HTML><HEAD></HEAD><BODY><P>Hi Handsy</P><P></P><P>I did do a debug before your reply and I got:</P><P>SSH2 0: waiting for SSH2_MSG_NEWKEYSSSH0: TCP read failed, error code = 0x86300003 "TCP connection closed"</P><P>SSH0: receive SSH message: [no message ID: variable *data is NULL]</P><P></P><P>SSH2 0: Unexpected mesg type receivedSSH0: Session disconnected by SSH server - error 0x00 "Internal error"</P><P></P><P>... but as it's a/hrs here I thought "stuff it" and rebooted. It is not the first time it has gone down since the weekend tho. Then when I tried my trusty linux SSH I was again denied but this time with the good looking "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" </P><P></P><P>I deleted the key in known_hosts and now I am back in. But I don't understand it as telnet would not work either, now it does of course. </P><P></P><P>I hate 'fixing' things with a reboot ... it's so, like, microsoft <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span> </P><P></P><P>Cheers anyways,</P><P>Mike</P></BODY></HTML> Tue, 12 May 2009 09:04:34 GMT https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177709#M859916 m.surtees 2009-05-12T09:04:34Z https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177710#M859917 <HTML><HEAD></HEAD><BODY><P>haha, how very annoying <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>glad you got it fixed though</P></BODY></HTML> Tue, 12 May 2009 09:09:32 GMT https://community.cisco.com/t5/network-security/quirky-one-logging-in/m-p/1177710#M859917 handsy 2009-05-12T09:09:32Z